CVE-2017-1000472

NameCVE-2017-1000472
DescriptionThe ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary files, via a crafted ZIP file, related to a "file path injection vulnerability".
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-1239-1, DSA-4083-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
poco (PTS)jessie, jessie (lts)1.3.6p1-5+deb8u1fixed
stretch (security), stretch (lts), stretch1.7.6+dfsg1-5+deb9u1fixed
buster1.9.0-5fixed
bullseye1.10.0-6+deb11u1fixed
bookworm1.11.0-3fixed
sid, trixie1.13.0-6fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
pocosourcewheezy1.3.6p1-4+deb7u1DLA-1239-1
pocosourcejessie1.3.6p1-5+deb8u1DSA-4083-1
pocosourcestretch1.7.6+dfsg1-5+deb9u1DSA-4083-1
pocosource(unstable)1.8.0-2

Notes

https://github.com/pocoproject/poco/issues/1968

Search for package or bug name: Reporting problems