CVE-2007-4559

Table of Contents

Impact:
Low
Public Date:
2007-08-24
Bugzilla:
263261: CVE-2007-4559 python tarfile module directory traversal

The MITRE CVE dictionary describes this issue as:

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.

Find out more about CVE-2007-4559 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=263261

The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/

Last Modified

CVE description copyright © 2017, The MITRE Corporation