Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < 2d1628d32300e4f67ac0b7409cbfa7b912a8fe9d |