Oval Definition:oval:com.ubuntu.artful:def:201810860000
Revision Date:2018-06-29Version:1
Title:CVE-2018-10860 on Ubuntu 17.10 (artful) - medium.
Description:perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-10860
Platform(s):Ubuntu 17.10
Product(s):
Definition Synopsis
  • Ubuntu 17.10 (artful) is installed.
  • AND The 'libarchive-zip-perl' package in artful was vulnerable but has been fixed (note: '1.59-1ubuntu0.1').
  • BACK