{"id":"CVE-2007-4829","details":"Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has \"..\" sequences.","modified":"2026-04-10T03:39:13.045758Z","published":"2007-11-02T16:46:00Z","references":[{"type":"ADVISORY","url":"http://rt.cpan.org/Public/Bug/Display.html?id=29517"},{"type":"ADVISORY","url":"http://rt.cpan.org/Public/Bug/Display.html?id=30380"},{"type":"ADVISORY","url":"http://secunia.com/advisories/27539"},{"type":"ADVISORY","url":"http://secunia.com/advisories/33116"},{"type":"ADVISORY","url":"http://secunia.com/advisories/33314"},{"type":"ADVISORY","url":"http://www.gentoo.org/security/en/glsa/glsa-200812-10.xml"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/26355"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/usn-700-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/usn-700-2"},{"type":"ADVISORY","url":"https://bugzilla.redhat.com/show_bug.cgi?id=295021"},{"type":"ADVISORY","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/38285"},{"type":"ADVISORY","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11658"},{"type":"ARTICLE","url":"http://rt.cpan.org/Public/Bug/Display.html?id=29517"},{"type":"ARTICLE","url":"http://rt.cpan.org/Public/Bug/Display.html?id=30380"},{"type":"REPORT","url":"http://www.vupen.com/english/advisories/2007/3755"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=295021"},{"type":"WEB","url":"http://osvdb.org/40410"},{"type":"WEB","url":"https://issues.rpath.com/browse/RPL-1716"}],"schema_version":"1.7.5"}