Microsoft cabarc Traversal Arbitrary File Overwrite
Local Access Required
Loss of Integrity
A directory traversal vulnerability exists in the Microsoft Cabinet Tool, which is used for extracting .cab files. Maliciously crafted .cab files can use paths including variations on "..\" to extract files to any location in the filesystem, relative to the directory specified for extraction of the .cab file. This would allow attackers to overwrite critical system files.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.