CVE-2005-2670

high

Description

Directory traversal vulnerability in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall allows remote attackers to overwrite arbitrary files via ".." sequences in filenames contained in (1) ACE, (2) ARJ, (3) CAB, (4) LZH, (5) RAR, (6) TAR and (7) ZIP files.

References

http://www.securityfocus.com/bid/14606

http://www.globalhauri.com/html/download/down_unixpatch.html

http://securitytracker.com/id?1014740

http://secunia.com/secunia_research/2005-24/advisory

http://secunia.com/advisories/15846

Details

Source: Mitre, NVD

Published: 2005-08-23

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: High

EPSS

EPSS: 0.02627