VYPR
Unrated severityNVD Advisory· Published Nov 29, 2019· Updated Aug 6, 2024

CVE-2015-2060

CVE-2015-2060

Description

cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.