CVE-2013-4668
EPSS 1.3%
Description
Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows remote attackers to create arbitrary files via a crafted archive that is not properly handled in a "Keep directory structure" action, related to fr-archive-libarchive.c and fr-window.c.
How to fix CVE-2013-4668
To remediate CVE-2013-4668, upgrade the affected package to a fixed version below.
- Debian/file-roller—upgrade to 3.8.3-1 or later
Is CVE-2013-4668 being exploited?
Low — EPSS is 1.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 3.8.3-1