CVE-2006-3619

NameCVE-2006-3619
DescriptionDirectory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-1170
Debian Bugs368397

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
gcc-3.4sourcesarge3.4.3-13sarge1DSA-1170
gcc-3.4source(unstable)3.4.4-0
gcc-4.1source(unstable)4.1.1-11low368397

Notes

gcc-3.4 no longer builds the fastjar package

Search for package or bug name: Reporting problems