Candidate: CVE-2018-0496
PublicDate: 2018-06-12 20:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0496
Description:
 Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as
 well as in RTsoft's Dink Smallwood HD / ProtonSDK version) before 3.14
 allow an attacker to overwrite arbitrary files on the user's system.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N [7.5 HIGH]


Patches_freedink-dfarc:
 other: https://git.savannah.gnu.org/cgit/freedink/dfarc.git/commit/?id=40cc957f52e772f45125126439ba9333cf2d2998
upstream_freedink-dfarc: released (3.14-1)
precise/esm_freedink-dfarc: DNE
trusty_freedink-dfarc: ignored (reached end-of-life)
trusty/esm_freedink-dfarc: DNE (trusty was needed)
xenial_freedink-dfarc: released (3.12-1+deb9u1build0.16.4.1)
artful_freedink-dfarc: ignored (reached end-of-life)
bionic_freedink-dfarc: released (3.12-1+deb9u1build0.18.4.1)
cosmic_freedink-dfarc: not-affected (3.14-1)
disco_freedink-dfarc: not-affected (3.14-1)
devel_freedink-dfarc: not-affected (3.14-1)