{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-05-13T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01.000Z", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera"}, "references": [{"name": "20100513 Secunia Research: aria2 metalink \"name\" Directory Traversal Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/511280/100/0/threaded"}, {"name": "40142", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/40142"}, {"name": "FEDORA-2010-8915", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041758.html"}, {"name": "39872", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39872"}, {"name": "ADV-2011-0116", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0116"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://downloads.sourceforge.net/project/aria2/stable/aria2-1.9.3/NEWS"}, {"name": "FEDORA-2010-8908", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041754.html"}, {"name": "FEDORA-2010-8905", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041753.html"}, {"name": "64592", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/64592"}, {"name": "SUSE-SR:2010:017", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"}, {"name": "ADV-2010-1229", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1229"}, {"name": "42906", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42906"}, {"name": "SUSE-SR:2010:014", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"}, {"name": "39529", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39529"}, {"name": "MDVSA-2010:106", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:106"}, {"name": "DSA-2047", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2010/dsa-2047"}, {"name": "ADV-2010-1228", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1228"}, {"name": "GLSA-201101-04", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201101-04.xml"}, {"tags": ["x_refsource_MISC"], "url": "http://secunia.com/secunia_research/2010-71/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2010-1512", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20100513 Secunia Research: aria2 metalink \"name\" Directory Traversal Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/511280/100/0/threaded"}, {"name": "40142", "refsource": "BID", "url": "http://www.securityfocus.com/bid/40142"}, {"name": "FEDORA-2010-8915", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041758.html"}, {"name": "39872", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39872"}, {"name": "ADV-2011-0116", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0116"}, {"name": "http://downloads.sourceforge.net/project/aria2/stable/aria2-1.9.3/NEWS", "refsource": "CONFIRM", "url": "http://downloads.sourceforge.net/project/aria2/stable/aria2-1.9.3/NEWS"}, {"name": "FEDORA-2010-8908", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041754.html"}, {"name": "FEDORA-2010-8905", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041753.html"}, {"name": "64592", "refsource": "OSVDB", "url": "http://www.osvdb.org/64592"}, {"name": "SUSE-SR:2010:017", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"}, {"name": "ADV-2010-1229", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1229"}, {"name": "42906", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42906"}, {"name": "SUSE-SR:2010:014", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"}, {"name": "39529", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39529"}, {"name": "MDVSA-2010:106", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:106"}, {"name": "DSA-2047", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2010/dsa-2047"}, {"name": "ADV-2010-1228", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1228"}, {"name": "GLSA-201101-04", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201101-04.xml"}, {"name": "http://secunia.com/secunia_research/2010-71/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2010-71/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:28:41.465Z"}, "title": "CVE Program Container", "references": [{"name": "20100513 Secunia Research: aria2 metalink \"name\" Directory Traversal Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/511280/100/0/threaded"}, {"name": "40142", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/40142"}, {"name": "FEDORA-2010-8915", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041758.html"}, {"name": "39872", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/39872"}, {"name": "ADV-2011-0116", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0116"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://downloads.sourceforge.net/project/aria2/stable/aria2-1.9.3/NEWS"}, {"name": "FEDORA-2010-8908", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041754.html"}, {"name": "FEDORA-2010-8905", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041753.html"}, {"name": "64592", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/64592"}, {"name": "SUSE-SR:2010:017", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"}, {"name": "ADV-2010-1229", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1229"}, {"name": "42906", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42906"}, {"name": "SUSE-SR:2010:014", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"}, {"name": "39529", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/39529"}, {"name": "MDVSA-2010:106", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:106"}, {"name": "DSA-2047", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2010/dsa-2047"}, {"name": "ADV-2010-1228", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1228"}, {"name": "GLSA-201101-04", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201101-04.xml"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://secunia.com/secunia_research/2010-71/"}]}]}, "cveMetadata": {"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2010-1512", "datePublished": "2010-05-17T20:42:00.000Z", "dateReserved": "2010-04-26T00:00:00.000Z", "dateUpdated": "2024-08-07T01:28:41.465Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:*:*:*:*:*:*:*:*", "matchCriteriaId": "16CE187D-D7BC-44F2-B623-668452FE0509", "versionEndIncluding": "1.9.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "03242A98-63A3-4225-952E-5AE318D7A92F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F34C9FCB-5DCD-4064-BA9E-3B77A6335EDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "66FC43A1-0EE4-4346-ABAC-3E5C55B2E956", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.2.1\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "DF9B5EC2-982F-43E0-AB41-CC4194EBD2AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.2.1\\+2:*:*:*:*:*:*:*", "matchCriteriaId": "E21B5EB1-BEFD-4FC3-9B6E-9E8F4E31910A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F907E5D6-6F7F-40A9-BF6F-DC5DB7852EAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B81A9EB3-744D-4282-91F2-5DA5BC1DCA56", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.3.1\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "6F851FBE-A34B-419D-B394-858DFA37EC40", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.3.1\\+2:*:*:*:*:*:*:*", "matchCriteriaId": "251C3C4B-FB43-4183-BE8C-925D5BB535AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "F2C39B80-9C81-4517-A3AD-D286A2E33CB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "EA48EA83-80EA-4C89-A41D-27B170464396", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "208DF477-AB91-43CB-B691-5EF00D896B2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "47E85C62-54E0-4D76-8DC3-94C55C7A52BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.5.0\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "972F3ADF-648D-4F64-A434-DECD0230AB41", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.5.0\\+2:*:*:*:*:*:*:*", "matchCriteriaId": "92357F15-6DC4-482E-A2A8-D6F940E66008", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D1B7DE66-BC37-4504-A165-982B2240D5EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "75431CA8-47D6-4A92-82B9-A384BE8E3A2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2C8D4A3C-01AD-41C0-850A-D33EF4DEA138", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.6.0\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "105F4587-036E-4B2F-9838-EFFC234391C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "07F30EE3-4649-4D92-8C6D-C0CBDFC009C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "89B992E4-510C-40C9-92F4-CADD82EFFDBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "01433988-EC45-4B43-BA1E-239A875A2E40", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "07A178F2-B101-4FDF-9778-398B6F75E0A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7CEDC67-D0B2-4728-9229-CD2B8A9E99B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "913DD9CF-3C69-447A-9121-003B1D30292C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "14F61EC6-B557-4E06-8D6D-83EDE600F1F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "33AD13D7-D4A1-4793-BD66-E771B35B9EFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.10.0\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "EFC0EE14-59B6-4C58-841D-4F3C1C825DA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3FC67B23-1E8E-431C-A0E8-725B7B6E5A2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A4B12B9-3559-457E-8408-7D5A3237679C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.10.2\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "5DB11940-40A7-4037-930C-716D8A7332E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB80C5A0-F28F-49DD-9859-67F0F132D2E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "82FCAE80-88E6-4025-B593-F9D9CB5A5C30", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.11.1\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "B879EAC9-436F-454C-9974-D3CAECB9C018", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "C2B6C0DE-FBEB-4704-B422-2D0689A120D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "C997A75D-C176-4A6A-8997-D6F74BBBDF35", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "540A0ACA-6E2A-45DF-B3C4-37F1DB6AA1BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "D4FDABE1-D6AA-498A-9E75-29D4E2231565", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "23D21ADF-742F-4B5E-BE76-2D79BD090A85", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "FE3B0EB4-BEE9-4EAA-B347-376C04550098", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD4F3902-615A-4EDD-BB81-03841E686C42", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.13.0\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "B371FD0E-49A2-4A74-A047-16AC1FC5FB85", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "3427790A-846E-4F5D-B28A-3C175AEF6ADD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.13.1\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "FAAADBF9-839C-486D-821B-460DCEDAF548", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.13.1\\+2:*:*:*:*:*:*:*", "matchCriteriaId": "BDDDDEA8-6114-43F2-9FE7-393AF5E85380", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "378CD567-A5CD-48E2-BCA6-5E08335685EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.13.2\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "4BEF6895-6555-48B2-8FED-2747BAAEB9C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "5260D845-B580-49B7-8BEB-8EE3F0919BFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.14.0\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "744775BE-7FAF-4FFC-8F68-81C2B6FD71FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.15.0:*:*:*:*:*:*:*", "matchCriteriaId": "19533000-5927-478D-A786-CB63E93948B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "70F2BDE0-CC4B-4C1C-9FFA-D4E3F5AA37DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.15.1\\+1:*:*:*:*:*:*:*", "matchCriteriaId": "973F6E89-D2E8-4C92-B534-43248587840D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.15.1\\+2:*:*:*:*:*:*:*", "matchCriteriaId": "3BC24DE0-7D6B-4284-A73A-E5982B49ACB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.15.2:*:*:*:*:*:*:*", "matchCriteriaId": "06C66BAD-4A07-4FAB-9BFF-50FB37D06647", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.15.3:*:*:*:*:*:*:*", "matchCriteriaId": "6798D1A2-F961-48C5-A2F6-086A3A2DB456", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.16.0:*:*:*:*:*:*:*", "matchCriteriaId": "55F425AA-624E-41A9-83CD-19F913E39C12", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.16.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3D3774F-C55C-40B6-A85D-DBD5DAE666C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.16.2:*:*:*:*:*:*:*", "matchCriteriaId": "E8315C60-79EF-4484-B54B-2E7E1FEB5FAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E9ED06F2-8669-4C90-BB22-5DDE01DFD4F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB6D49DD-22BB-47DB-A6A7-7378A42B5ECC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "006FC04D-B81E-4828-9DAB-66A017C1D375", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "371FD10B-90BB-417C-A37E-F5C50EFAEF22", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D1FC3F03-3890-4466-8A0A-B020460B8507", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "40FAE4C8-7F23-4E67-BA06-276BC3A5DE62", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "CE6E9CCB-8DCF-41F8-A4DE-5B4D139E719A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0594B76-BE61-451D-8512-B9C81F476372", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "D248E3DA-D9FF-4A08-9C63-9B72AE946AD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3BBCD24D-B863-4516-A7DD-1264D5D81BD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "4F72DB79-0C01-481A-A442-4489C5C859B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4166DE3D-3019-434F-9EC5-C74057F91F65", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "836C565A-B1EB-4ED1-BCFB-EF60CFE9ED8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.5.0b\\+20090716:*:*:*:*:*:*:*", "matchCriteriaId": "C97AC9D6-897E-4347-B438-7940FB1A33FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "F4EB136B-45C1-439D-810F-E234267A44EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "F49FE022-33DC-4F05-8D64-1E64816E391F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2C0ECA2A-043C-4C36-9618-E3EAE45AA5CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "6ED6751D-3C46-454C-8D57-876E3263400C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "AB98974A-D4FB-4B2D-98E3-B0ED08855EAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "EEB2BBA2-1E14-459B-B5A3-8012A40977D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "5BA8CB92-71A5-4C5E-813F-BD1F6B2D60B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "4A51A46D-952D-4601-B882-977CF53575FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "EA3DAFB5-4406-4AFE-8D9D-6A18C4DAA696", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "453B8906-BE63-407B-B861-9718EE6BB30C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F5844E49-FFD7-4304-BAAB-6C69CEC28B05", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "48109CEF-9592-4245-B9A6-13A2B012C0E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "765ED51C-9627-43DE-A39F-E9D4F56B0518", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1608D80-3703-49FF-9A51-B6D043644EFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "C6B5F3B6-3D10-4F13-A53B-A4C99905728E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en aria2 anteriores a v1.9.3, permite a atacantes remotos crear ficheros de su elecci\u00f3n al utilizar caracteres .. (punto punto) en el atributo \"name\" de un elemento fichero en un fichero metalink."}], "id": "CVE-2010-1512", "lastModified": "2026-04-29T01:13:23.040", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-05-17T21:00:01.377", "references": [{"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://downloads.sourceforge.net/project/aria2/stable/aria2-1.9.3/NEWS"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041753.html"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041754.html"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041758.html"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/39529"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/39872"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/42906"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/secunia_research/2010-71/"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://security.gentoo.org/glsa/glsa-201101-04.xml"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2010/dsa-2047"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:106"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.osvdb.org/64592"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/archive/1/511280/100/0/threaded"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/40142"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2010/1228"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2010/1229"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2011/0116"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://downloads.sourceforge.net/project/aria2/stable/aria2-1.9.3/NEWS"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041753.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041754.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041758.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/39529"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39872"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42906"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/secunia_research/2010-71/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201101-04.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2047"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:106"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/64592"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/511280/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/40142"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1228"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1229"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0116"}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}