Unrated severityNVD Advisory· Published Apr 8, 2015· Updated May 6, 2026
CVE-2015-0556
CVE-2015-0556
Description
Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.
Affected products
4cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.openwall.com/lists/oss-security/2015/01/03/5nvdExploit
- www.openwall.com/lists/oss-security/2015/01/05/9nvdExploit
- bugs.debian.org/cgi-bin/bugreport.cginvdExploit
- lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.htmlnvd
- www.debian.org/security/2015/dsa-3213nvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/71860nvd
- security.gentoo.org/glsa/201612-15nvd
News mentions
0No linked articles in our index yet.