CVE-2017-8314

Summary

Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles.

Affected Software

VendorProductVersion RangeStatus
XBMC FoundationKodi (XBMC)<= v17.1affected

Weaknesses

  • Allows arbitrary file write on disk

ADP Enrichment

CVE Program Container

Additional References

References