logo

Database

Lack of data validation - Path Traversal In pear/archive_tar

Description

PEAR::Archive_Tar Directory Traversal vulnerability Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2006-09312. NVD-2006-09313. OSV-2006-09314. GCVE-2006-0931

References

1. http://pear.php.net/bugs/bug.php?id=69332. http://pear.php.net/package/Archive_Tar/download3. http://www.hamid.ir/security/phptar.txt

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.