{"id":"CVE-2016-7162","details":"The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.","modified":"2026-04-16T06:23:08.075440839Z","published":"2016-09-26T15:59:04.343Z","references":[{"type":"WEB","url":"http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.21/file-roller-3.21.90.news"},{"type":"ADVISORY","url":"http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/09/08/4"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/92896"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-3074-1"},{"type":"REPORT","url":"https://bugzilla.gnome.org/show_bug.cgi?id=698554"},{"type":"FIX","url":"https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/GNOME/file-roller","events":[{"introduced":"0"},{"last_affected":"7850fc12a13e9f33e09d511014488358bfffbdb9"},{"introduced":"0"},{"last_affected":"485c3519ef64afea1223845dfabb15ee9cf2d06f"},{"introduced":"0"},{"last_affected":"a50ba6e449ce16b5b6bc7ae572424035a66137eb"},{"introduced":"0"},{"last_affected":"66b52fc6d38ddc39af6913a68b2df320279d15d5"},{"introduced":"0"},{"last_affected":"c1651e186f2f5af153a02276e7f4b7dc2c4706d0"},{"introduced":"0"},{"last_affected":"7564065aa087deb9f228cbfaf01b08f020edede4"},{"introduced":"0"},{"last_affected":"1bcd3da286cc05e1e84266cc969a2202e439126c"},{"introduced":"0"},{"last_affected":"cd9f4202ab6aa440367c1e8f58818a86c6f53aa7"},{"introduced":"0"},{"last_affected":"77906905cd22febb2edc84c2f480ce02d82140a1"},{"introduced":"0"},{"last_affected":"eb4282b1e1f35641bf1e543d2ce93bc770ccea0a"},{"introduced":"0"},{"last_affected":"da59ebafb0a2900b09c86b33c3f3f0ee9d58d8bf"},{"introduced":"0"},{"last_affected":"76c9fd23b7c3fb85804459e9bbfcd42949b7598a"},{"introduced":"0"},{"last_affected":"ab7c479be3a987ef92c88a623679abb09c8c9c25"},{"introduced":"0"},{"last_affected":"37daf88584d93a560cce069c07c1c71818a519e7"},{"introduced":"0"},{"last_affected":"896a76a8a3da6f5fc83cbe1427c55033686f1b5c"},{"introduced":"0"},{"last_affected":"a0295d1fb0ab1695aa56f593723bbfb5de4236ed"},{"introduced":"0"},{"last_affected":"3ab20ba36333c7db237b028920fd5d74afb3a4b2"},{"introduced":"0"},{"last_affected":"440695f1a684cdb01837c66d5f7f3b1dcad4f5b3"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.5.4"},{"introduced":"0"},{"last_affected":"3.6.0"},{"introduced":"0"},{"last_affected":"3.6.1"},{"introduced":"0"},{"last_affected":"3.6.1.1"},{"introduced":"0"},{"last_affected":"3.6.2"},{"introduced":"0"},{"last_affected":"3.6.3"},{"introduced":"0"},{"last_affected":"3.6.4"},{"introduced":"0"},{"last_affected":"3.8.0"},{"introduced":"0"},{"last_affected":"3.8.1"},{"introduced":"0"},{"last_affected":"3.8.2"},{"introduced":"0"},{"last_affected":"3.8.3"},{"introduced":"0"},{"last_affected":"3.9.1"},{"introduced":"0"},{"last_affected":"3.9.2"},{"introduced":"0"},{"last_affected":"3.9.3"},{"introduced":"0"},{"last_affected":"3.10"},{"introduced":"0"},{"last_affected":"3.20"},{"introduced":"0"},{"last_affected":"3.20.1"},{"introduced":"0"},{"last_affected":"3.20.2"}]}}],"versions":["3.0.1","3.0.2","3.1.1","3.1.2","3.1.90","3.1.91","3.1.92","3.10.0","3.10.1","3.11.1","3.11.2","3.11.3","3.11.4","3.11.5","3.11.90","3.11.91","3.11.92","3.12.0","3.12.1","3.13.1","3.13.2","3.13.91","3.13.92","3.14.0","3.14.1","3.15.1","3.15.2","3.15.90","3.15.91","3.15.92","3.16.0","3.16.1","3.16.2","3.16.3","3.16.4","3.19.1","3.19.90","3.19.91","3.2.0","3.2.1","3.20.0","3.20.1","3.20.2","3.3.1","3.3.2","3.3.3","3.3.90","3.3.91","3.3.92","3.4.0","3.4.1","3.4.2","3.5.1","3.5.2","3.5.3","3.5.4","3.5.90","3.5.91","3.5.92","3.6.0","3.6.1","3.6.1.1","3.6.2","3.6.3","3.6.4","3.7.1","3.7.2","3.7.3","3.7.90","3.7.91","3.7.92","3.8.0","3.8.1","3.8.2","3.8.3","3.9.1","3.9.2","3.9.3","3.9.4","3.9.90","3.9.91","3.9.92","FILE_ROLLER_2_13_2","FILE_ROLLER_2_13_4","FILE_ROLLER_2_13_90","FILE_ROLLER_2_13_91","FILE_ROLLER_2_13_92","FILE_ROLLER_2_14_0","FILE_ROLLER_2_14_1","FILE_ROLLER_2_14_2","FILE_ROLLER_2_14_3","FILE_ROLLER_2_15_1","FILE_ROLLER_2_15_90","FILE_ROLLER_2_15_91","FILE_ROLLER_2_15_92","FILE_ROLLER_2_15_93","FILE_ROLLER_2_16_0","FILE_ROLLER_2_16_1","FILE_ROLLER_2_17_1","FILE_ROLLER_2_17_2","FILE_ROLLER_2_17_3","FILE_ROLLER_2_17_4","FILE_ROLLER_2_17_5","FILE_ROLLER_2_17_90","FILE_ROLLER_2_17_91","FILE_ROLLER_2_17_92","FILE_ROLLER_2_18_0","FILE_ROLLER_2_19_1","FILE_ROLLER_2_19_2","FILE_ROLLER_2_19_3","FILE_ROLLER_2_19_4","FILE_ROLLER_2_19_90","FILE_ROLLER_2_19_91","FILE_ROLLER_2_19_92","FILE_ROLLER_2_20_0","FILE_ROLLER_2_20_1","FILE_ROLLER_2_20_2","FILE_ROLLER_2_21_1","FILE_ROLLER_2_21_2","FILE_ROLLER_2_21_91","FILE_ROLLER_2_21_92","FILE_ROLLER_2_22_0","FILE_ROLLER_2_23_1","FILE_ROLLER_2_23_2","FILE_ROLLER_2_23_3","FILE_ROLLER_2_23_4","FILE_ROLLER_2_23_5","FILE_ROLLER_2_23_6","FILE_ROLLER_2_23_91","FILE_ROLLER_2_23_92","FILE_ROLLER_2_24_0","FILE_ROLLER_2_24_1","FILE_ROLLER_2_24_2","FILE_ROLLER_2_25_1","FILE_ROLLER_2_25_2","FILE_ROLLER_2_25_90","FILE_ROLLER_2_25_91","FILE_ROLLER_2_25_92","FILE_ROLLER_2_26_0","FILE_ROLLER_2_26_1","FILE_ROLLER_2_27_1","FILE_ROLLER_2_27_2","FILE_ROLLER_2_27_3","FILE_ROLLER_2_27_90","FILE_ROLLER_2_27_91","FILE_ROLLER_2_27_92","FILE_ROLLER_2_28_0","FILE_ROLLER_2_28_1","FILE_ROLLER_2_29_1","FILE_ROLLER_2_29_2","FILE_ROLLER_2_29_3","FILE_ROLLER_2_29_4","FILE_ROLLER_2_29_5","FILE_ROLLER_2_29_90","FILE_ROLLER_2_29_91","FILE_ROLLER_2_29_92","FILE_ROLLER_2_30_0","FILE_ROLLER_2_30_1","FILE_ROLLER_2_30_1_1","FILE_ROLLER_2_31_1","FILE_ROLLER_2_31_2","FILE_ROLLER_2_31_3","FILE_ROLLER_2_31_4","FILE_ROLLER_2_31_5","FILE_ROLLER_2_31_90","FILE_ROLLER_2_31_91","FILE_ROLLER_2_31_92","FILE_ROLLER_2_32_0","FILE_ROLLER_2_4_0_1","FILE_ROLLER_2_91_0","FILE_ROLLER_2_91_1","FILE_ROLLER_2_91_2","FILE_ROLLER_2_91_3","FILE_ROLLER_2_91_4","FILE_ROLLER_2_91_5","FILE_ROLLER_2_91_6","FILE_ROLLER_2_91_90","FILE_ROLLER_2_91_91","FILE_ROLLER_2_91_92","FILE_ROLLER_2_91_93","FILE_ROLLER_3_0_0","start"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7162.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"3.9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"3.15"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}