Bugzilla – Bug 915181
VUL-1: CVE-2015-1386 unshield: directory traversal
Last modified: 2019-05-29 08:56:19 UTC
rh#1185717 Jakub Wilk reports:

Package: unshield
Version: 1.0-1
Tags: security

unshield is vulnerable to directory traversal via "../" sequences. As a proof of concept, unpacking the attached InstallShield archive creates a file in /tmp:

$ ls /tmp/moo
ls: cannot access /tmp/moo: No such file or directory
$ unshield x data1.cab
Cabinet: data1.cab
  extracting: ./Bovine_Files/../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../tmp/moo
 --------  -------
  1 files
$ ls /tmp/moo
/tmp/moo

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1185717
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1386
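The traversal shown in the report is what happens when an archive member name is joined to the extraction directory without being checked first. The function below is an added example of such a check, written for this page and not taken from unshield or from the reporter; it assumes a purely lexical policy (refuse absolute names, refuse any ".." that would climb above the extraction directory, treat backslashes as separators because InstallShield cabinets come from Windows) and would be called on each member name before any path is built or opened.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical check, not unshield's own code.
 * Return true only if the member name, interpreted relative to the
 * extraction directory, can never resolve outside it.  "." components
 * are ignored, each ".." must be matched by a preceding real component,
 * and absolute names are refused outright. */
bool member_path_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return false;
    if (name[0] == '/' || name[0] == '\\')
        return false;                 /* absolute path: refuse */

    int depth = 0;                    /* real components below the root */
    const char *p = name;
    while (*p != '\0') {
        /* find the end of the current path component */
        const char *end = p;
        while (*end != '\0' && *end != '/' && *end != '\\')
            end++;
        size_t len = (size_t)(end - p);

        if (len == 1 && p[0] == '.') {
            /* "." has no effect on the resolved location */
        } else if (len == 2 && p[0] == '.' && p[1] == '.') {
            if (--depth < 0)
                return false;         /* climbed above the extraction dir */
        } else if (len > 0) {
            depth++;                  /* empty components ("//") are skipped */
        }
        p = (*end == '\0') ? end : end + 1;
    }
    return depth > 0;                 /* must still name an actual entry */
}
```

The proof-of-concept name from the report ("./Bovine_Files/../../…/tmp/moo") is rejected at the second ".." because it drops below the extraction directory, while a name such as "Bovine_Files/moo" passes.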
bugbot adjusting priority
No other distribution has a patch AFAICS and I'm unable to locate the place where directory names are read and stored.
Closing because 13.2 isn't supported anymore.
It seems that version 1.4.0 includes a fix for this issue.
According to the upstream changelog, the only changes are security and build fixes:

- Update to version 1.4.2:
  * exit run-tests.sh with non-zero if there were failed tests
- Changes for 1.4.1:
  * Security and distro fixes
- Changes for 1.4.0:
  * Including fix for CVE-2015-1386 (boo#915181)

However, there is a change of soversion of the library; I am not sure if this would be ok to submit as a maint update.
Does not seem to be of relevance anymore.