Gamespy Arcade GSAPAK.EXE .APK提取文件破坏漏洞

漏洞信息详情

Gamespy Arcade GSAPAK.EXE .APK提取文件破坏漏洞

漏洞简介

可能GameSpy Arcade 1.3e之前版本的GSAPAK.EXE存在目录遍历漏洞。远程攻击者可以借助.APK (Zip)文件文件名中的..(点 点)序列覆盖任意文件并执行任意代码。

漏洞公告

It has been reported that a patch to address this issue is currently being developed and is scheduled for release in the near future. However, this information has not been confirmed by Symantec.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .
@securityfocus.com>

参考网址

来源: BID
名称: 8309
链接:http://www.securityfocus.com/bid/8309

来源: www.gamespyarcade.com
链接:http://www.gamespyarcade.com/features/versions.shtml

来源: BUGTRAQ
名称: 20030730 GameSpy Arcade Arbitrary File Writing Vulnerability
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=105958779017085&w=2

来源: VULNWATCH
名称: 20030730 GameSpy Arcade Arbitrary File Writing Vulnerability
链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0064.html

受影响实体

© 版权声明
THE END
喜欢就支持一下吧
点赞0 分享