Vulnerability Details : CVE-2016-7162
Potential exploit
The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.
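The root cause described above is a recursive delete that follows symbolic links, so a link placed inside an archive folder can redirect the deletion to a directory outside the extraction tree. The following added example (written for this page, not File Roller's own `_g_file_remove_directory` code and not the upstream patch) shows the mitigation the fix commit names, "do not follow symlinks when deleting a folder recursively", implemented with `fstatat(AT_SYMLINK_NOFOLLOW)`, `openat(O_NOFOLLOW | O_DIRECTORY)` and `unlinkat`. The function names `safe_remove_tree` and `demo_symlink_safe_delete`, and the scratch tree it builds under `/tmp`, are constructed for this demonstration; the demo plants a symlink named `evil` inside an `extract` folder pointing at a sibling `outside` folder and checks that `outside/victim.txt` survives the delete.

```c
#define _GNU_SOURCE
#include <dirent.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Recursively remove parent_fd/name without ever following a symlink:
 * a link is unlinked as a directory entry, its target is never entered. */
static int remove_tree_at(int parent_fd, const char *name)
{
    struct stat st;
    /* AT_SYMLINK_NOFOLLOW inspects the entry itself, not what it points at */
    if (fstatat(parent_fd, name, &st, AT_SYMLINK_NOFOLLOW) != 0)
        return -1;
    if (!S_ISDIR(st.st_mode))
        return unlinkat(parent_fd, name, 0);   /* regular file or symlink */

    /* O_NOFOLLOW|O_DIRECTORY also rejects a symlink swapped in after the stat */
    int fd = openat(parent_fd, name, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    DIR *dir = fdopendir(fd);
    if (dir == NULL) {
        close(fd);
        return -1;
    }

    int rc = 0;
    struct dirent *ent;
    while (rc == 0 && (ent = readdir(dir)) != NULL) {
        if (strcmp(ent->d_name, ".") == 0 || strcmp(ent->d_name, "..") == 0)
            continue;
        rc = remove_tree_at(dirfd(dir), ent->d_name);   /* relative to this dir */
    }
    closedir(dir);   /* closes fd as well */
    if (rc != 0)
        return -1;
    return unlinkat(parent_fd, name, AT_REMOVEDIR);   /* now empty */
}

/* Public entry point: remove the tree rooted at path. Returns 0 on success, -1 on error. */
int safe_remove_tree(const char *path)
{
    return remove_tree_at(AT_FDCWD, path);
}

/* Constructed scenario: base/outside/victim.txt must survive deleting base/extract,
 * even though base/extract/evil is a symlink to base/outside.
 * Returns 1 when extract/ is gone and victim.txt still exists, 0 otherwise. */
int demo_symlink_safe_delete(void)
{
    char base[] = "/tmp/cve-2016-7162-demo-XXXXXX";   /* hypothetical scratch dir */
    if (mkdtemp(base) == NULL)
        return 0;
    char outside[PATH_MAX], victim[PATH_MAX], extract[PATH_MAX], link[PATH_MAX];
    snprintf(outside, sizeof outside, "%s/outside", base);
    snprintf(victim,  sizeof victim,  "%s/outside/victim.txt", base);
    snprintf(extract, sizeof extract, "%s/extract", base);
    snprintf(link,    sizeof link,    "%s/extract/evil", base);

    int ok = 0;
    if (mkdir(outside, 0700) == 0 && mkdir(extract, 0700) == 0) {
        FILE *f = fopen(victim, "w");
        if (f != NULL) {
            fputs("keep me\n", f);
            fclose(f);
        }
        if (symlink(outside, link) == 0 && safe_remove_tree(extract) == 0)
            ok = (access(extract, F_OK) != 0) && (access(victim, F_OK) == 0);
    }
    safe_remove_tree(base);   /* clean up the scratch tree (outside/ is a real dir here) */
    return ok;
}

int main(void)
{
    printf("symlink-safe delete kept the outside file: %s\n",
           demo_symlink_safe_delete() ? "yes" : "no");
    return 0;
}
```

A version that descended through `evil` (a `stat`-based check, or an `open` without `O_NOFOLLOW`) would empty `outside/` instead; the `openat` on a directory file descriptor, rather than a rebuilt absolute path, also avoids the path being re-resolved through a link on every level.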
Products affected by CVE-2016-7162
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.5.4:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.6.0:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.6.1:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.6.1.1:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.6.2:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.6.3:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.6.4:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.8.0:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.8.1:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.8.2:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.8.3:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.9.0:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.9.1:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.9.2:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.9.3:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.10:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.15:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.20:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.20.1:*:*:*:*:gnome:*:*
- cpe:2.3:a:file_roller_project:file_roller:3.20.2:*:*:*:*:gnome:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-7162
1.15%: probability of exploitation activity in the next 30 days
~77%: percentile, the proportion of vulnerabilities that are scored at or below this value
CVSS scores for CVE-2016-7162
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N | 10.0 | 2.9 | NIST |
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 | NIST |
CWE ids for CVE-2016-7162
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-7162
- http://www.securityfocus.com/bid/92896: File Roller 'src/file-utils.c' Directory Traversal Vulnerability (Third Party Advisory; VDB Entry)
- http://www.ubuntu.com/usn/USN-3074-1: USN-3074-1: File Roller vulnerability | Ubuntu security notices (Third Party Advisory)
- http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.21/file-roller-3.21.90.news (Broken Link)
- https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5: do not follow symlinks when deleting a folder recursively (f70be1f4) · Commits · GNOME / file-roller · GitLab (Patch)
- http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news (Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2016/09/08/4: oss-security - Re: CVE Request: File Roller path traversal (Mailing List; Third Party Advisory)
- https://bugzilla.gnome.org/show_bug.cgi?id=698554: Bug 698554 – file-roller deletes the content of folders upon extraction, if archive contains links (Exploit; Issue Tracking)