{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000160.html",
  "dc:date": "2015-10-20T17:56+09:00",
  "dcterms:issued": "2015-10-16T14:00+09:00",
  "dcterms:modified": "2015-10-20T17:56+09:00",
  "description": "Avast contains an issue in processing archive files, which may result in a directory traversal (CWE-22) vulnerability.\r\nWhen an archive file such as zip is detected as containing a virus and the included virus file is being moved or deleted, the operation is done to the file path inside the archive file.\r\n\r\nRyohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000160.html",
  "sec:cpe": {
    "#text": "cpe:/a:avast:avast_antivirus",
    "@product": "avast Antivirus",
    "@vendor": "AVAST Software s.r.o.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2015-000160",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN25576608/index.html",
      "@id": "JVN#25576608",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5662",
      "@id": "CVE-2015-5662",
      "@source": "CVE"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5662",
      "@id": "CVE-2015-5662",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-22",
      "@title": "Path Traversal(CWE-22)"
    }
  ],
  "title": "Avast vulnerable to directory traversal"
}