Arbitrary File Overwrite Vulnerability in fstream.DirWriter() Function

Arbitrary File Overwrite Vulnerability in fstream.DirWriter() Function

CVE-2019-13173 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:P

fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter() function is vulnerable.

Learn more about our Web Application Penetration Testing UK.