Directory traversal vulnerability in e-merge WinAce 2.6 and earlier allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a (1) zip or (2) tar archive.
References
| Link | Resource |
|---|---|
| http://secunia.com/advisories/19013 | Vendor Advisory |
| http://www.hamid.ir/security/winace.txt | Exploit Vendor Advisory |
| http://www.osvdb.org/23464 | Vendor Advisory |
| http://www.securityfocus.com/archive/1/425971/100/0/threaded | |
| http://www.securityfocus.com/bid/16800 | Exploit Vendor Advisory |
| http://www.vupen.com/english/advisories/2006/0730 | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24902 | |
| http://secunia.com/advisories/19013 | Vendor Advisory |
| http://www.hamid.ir/security/winace.txt | Exploit Vendor Advisory |
| http://www.osvdb.org/23464 | Vendor Advisory |
| http://www.securityfocus.com/archive/1/425971/100/0/threaded | |
| http://www.securityfocus.com/bid/16800 | Exploit Vendor Advisory |
| http://www.vupen.com/english/advisories/2006/0730 | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24902 |
Configurations
History
21 Nov 2024, 00:07
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://secunia.com/advisories/19013 - Vendor Advisory | |
| References | () http://www.hamid.ir/security/winace.txt - Exploit, Vendor Advisory | |
| References | () http://www.osvdb.org/23464 - Vendor Advisory | |
| References | () http://www.securityfocus.com/archive/1/425971/100/0/threaded - | |
| References | () http://www.securityfocus.com/bid/16800 - Exploit, Vendor Advisory | |
| References | () http://www.vupen.com/english/advisories/2006/0730 - | |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/24902 - |
Information
Published : 2006-03-03 11:02
Updated : 2025-04-03 01:03
NVD link : CVE-2006-0981
Mitre link : CVE-2006-0981
CVE.ORG link : CVE-2006-0981
JSON object : View
Products Affected
e-merge
- e-merge_winace
CWE