mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
961 B
961 B
CVE-2018-12015
Description
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
POC
Reference
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834
- https://www.oracle.com/security-alerts/cpujul2020.html