Search for vulnerabilities
Vulnerability details: VCID-udt2-khta-aaaa
Vulnerability ID VCID-udt2-khta-aaaa
Aliases CVE-2007-4829
Summary Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2010:0505
epss 0.01255 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01486 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.01802 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.02501 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.02501 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.02501 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.02501 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.02536 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.02536 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.02536 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.03550 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.03550 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.03550 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.03550 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.03550 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.03550 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.03550 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.03550 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
epss 0.03550 https://api.first.org/data/v1/epss?cve=CVE-2007-4829
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2007-4829
Reference id Reference type URL
http://osvdb.org/40410
http://rt.cpan.org/Public/Bug/Display.html?id=29517
http://rt.cpan.org/Public/Bug/Display.html?id=30380
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4829.json
https://api.first.org/data/v1/epss?cve=CVE-2007-4829
https://bugzilla.redhat.com/show_bug.cgi?id=295021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4829
http://secunia.com/advisories/27539
http://secunia.com/advisories/33116
http://secunia.com/advisories/33314
https://exchange.xforce.ibmcloud.com/vulnerabilities/38285
https://issues.rpath.com/browse/RPL-1716
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11658
http://www.gentoo.org/security/en/glsa/glsa-200812-10.xml
http://www.securityfocus.com/bid/26355
http://www.ubuntu.com/usn/usn-700-1
http://www.ubuntu.com/usn/usn-700-2
http://www.vupen.com/english/advisories/2007/3755
449544 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449544
cpe:2.3:a:archive\:\:tar_project:archive\:\:tar:*:*:*:*:*:perl:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:archive\:\:tar_project:archive\:\:tar:*:*:*:*:*:perl:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
CVE-2007-4829 https://nvd.nist.gov/vuln/detail/CVE-2007-4829
GLSA-200812-10 https://security.gentoo.org/glsa/200812-10
RHSA-2010:0505 https://access.redhat.com/errata/RHSA-2010:0505
USN-700-1 https://usn.ubuntu.com/700-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2007-4829
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.66878
EPSS Score 0.01255
Published At March 29, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.