Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Arj Software Subscribe
Filtered by product Arj Archiver
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-0556 2 Arj Software, Fedoraproject 2 Arj Archiver, Fedora 2017-06-30 5.8 MEDIUM N/A
Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.
CVE-2015-0557 2 Arj Software, Fedoraproject 2 Arj Archiver, Fedora 2017-06-30 5.8 MEDIUM N/A
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
CVE-2015-2782 3 Arj Software, Debian, Fedoraproject 3 Arj Archiver, Debian Linux, Fedora 2017-06-30 7.5 HIGH N/A
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.