CVE-2006-3619 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-3619
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3619

Description: Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/27806 ST 1017987 SGI SAID Secunia Advisory: SA25894 Secunia Advisory: SA25633 Secunia Advisory: SA25281 Secunia Advisory: SA25098 Secunia Advisory: SA17839 Secunia Advisory: SA21100 Secunia Advisory: SA21797 Secunia Advisory: SA26909 Secunia Advisory: SA27706 Secunia Advisory: SA29334 REDHAT http://rhn.redhat.com/errata/RHSA-2007-0473.html http://www.redhat.com/support/errata/RHSA-2007-0220.html OSVDB 21337 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:066 GENTOO http://security.gentoo.org/glsa/glsa-200711-23.xml FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html DEBIAN http://www.debian.org/security/2006/dsa-1170 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-189.htm http://lists.debian.org/debian-gcc/2006/05/msg00317.html http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359 BID 15669

Return to the previous page.