CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16511

An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2. Microsoft.Deployment.Compression.Cab.dll and Microsoft.Deployment.Compression.Zip.dll allow directory traversal during CAB or ZIP archive extraction, because the full name of an archive file (even with a ../ sequence) is concatenated with the destination path.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.045

EPSS Ranking 88.6%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 5.8

References

Products affected by CVE-2019-16511

Firegiant » Wix Toolset » Version: N/A

cpe:2.3:a:firegiant:wix_toolset:-
Firegiant » Wix Toolset » Version: 3.10

cpe:2.3:a:firegiant:wix_toolset:3.10
Firegiant » Wix Toolset » Version: 3.10.1

cpe:2.3:a:firegiant:wix_toolset:3.10.1
Firegiant » Wix Toolset » Version: 3.10.2

cpe:2.3:a:firegiant:wix_toolset:3.10.2
Firegiant » Wix Toolset » Version: 3.10.3

cpe:2.3:a:firegiant:wix_toolset:3.10.3
Firegiant » Wix Toolset » Version: 3.10.4

cpe:2.3:a:firegiant:wix_toolset:3.10.4
Firegiant » Wix Toolset » Version: 3.11

cpe:2.3:a:firegiant:wix_toolset:3.11
Firegiant » Wix Toolset » Version: 3.11.1

cpe:2.3:a:firegiant:wix_toolset:3.11.1
Firegiant » Wix Toolset » Version: 3.8

cpe:2.3:a:firegiant:wix_toolset:3.8
Firegiant » Wix Toolset » Version: 3.9

cpe:2.3:a:firegiant:wix_toolset:3.9
Firegiant » Wix Toolset » Version: 3.9.2

cpe:2.3:a:firegiant:wix_toolset:3.9.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16511

Products

Pricing

Contact Us