CVE-2006-0926

Published Feb 28, 2006

Last updated 3 months ago

CVSS info 2.6

Overview

Description: Multiple directory traversal vulnerabilities in Allume StuffIt Standard and Deluxe 9.0, ZipMagic Deluxe 9.0, and StuffIt Expander 9.0.0.21 Engine 9.0.0.21 allow remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a (1) zip or (2) tar archive.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.6
Impact score: 2.9
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:smithmicro:stuffit_deluxe:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFCBEE5A-6227-42BB-BA7B-4EEC4D259050"
          },
          {
            "criteria": "cpe:2.3:a:smithmicro:stuffit_expander:9.0.0.21_engine_9.0.0.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3318D3A-DF5D-4EA2-8190-F88083796245"
          },
          {
            "criteria": "cpe:2.3:a:smithmicro:stuffit_standard:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FE5B10E-FE90-4502-8DF6-AC5DBF10BBAA"
          },
          {
            "criteria": "cpe:2.3:a:smithmicro:zipmagic_deluxe:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3669E791-1022-491B-A831-D49ED84D32D7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References