Description
Directory traversal vulnerability in Be Graph BeZIP before 3.10 allows remote attackers to create or overwrite arbitrary files via a crafted archive file.
References (6)
Core 6
Core References
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000101
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/79916
Vendor Advisory x_refsource_confirm
http://www.be-graph.com/bgi/product/bezip/secure1.html#en
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN18223913/index.html
Third Party Advisory x_refsource_confirm
http://jvn.jp/en/jp/JVN18223913/995378/index.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/56488
Scores
EPSS
0.0194
EPSS Percentile
77.7%
Details
CWE
CWE-22
Status
published
Products (4)
be-graph/bezip
3.00
be-graph/bezip
3.02
be-graph/bezip
3.03
be-graph/bezip
< 3.04
Published
Nov 08, 2012
Tracked Since
Feb 18, 2026