1. Home
  2. CVE Database
  3. CVE-2006-0926
LOW · 2.6

CVE-2006-0926

Multiple directory traversal vulnerabilities in Allume StuffIt Standard and Deluxe 9.0, ZipMagic Deluxe 9.0, and StuffIt Expander 9.0.0.21 Engine 9.0.0.21 allow remote attackers to create and overwrit...

Vulnerability Description

Multiple directory traversal vulnerabilities in Allume StuffIt Standard and Deluxe 9.0, ZipMagic Deluxe 9.0, and StuffIt Expander 9.0.0.21 Engine 9.0.0.21 allow remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a (1) zip or (2) tar archive.

CVSS Score

2.6

LOW

AV:N/AC:H/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
SmithmicroStuffit Deluxe9.0
SmithmicroStuffit Expander9.0.0.21_engine_9.0.0.21
SmithmicroStuffit Standard9.0
SmithmicroZipmagic Deluxe9.0

References

FAQ

What is CVE-2006-0926?

CVE-2006-0926 is a vulnerability with a CVSS score of 2.6 (LOW). Multiple directory traversal vulnerabilities in Allume StuffIt Standard and Deluxe 9.0, ZipMagic Deluxe 9.0, and StuffIt Expander 9.0.0.21 Engine 9.0.0.21 allow remote attackers to create and overwrit...

How severe is CVE-2006-0926?

CVE-2006-0926 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-0926?

Check the references section above for vendor advisories and patch information. Affected products include: Smithmicro Stuffit Deluxe, Smithmicro Stuffit Expander, Smithmicro Stuffit Standard, Smithmicro Zipmagic Deluxe.