• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Fastjar Archive Extraction Directory Traversal Vulnerability

Fastjar is prone to a directory-traversal vulnerability because the utility fails to properly sanitize user-supplied data.

An attacker can exploit this vulnerability to overwrite arbitrary files in the context of the user running the vulnerable application. Depending on the files overwritten, this could cause the system to crash or could facilitate unauthorized access; other attacks are also possible.