CVE-2011-2725

Priority
Medium
Description
Directory traversal vulnerability in Ark 4.7.x and earlier allows remote
attackers to delete and force the display of arbitrary files via .. (dot
dot) sequences in a zip file.
References
Bugs
Assigned-to
jdstrand
Package
Upstream:released (4.7.3)
Ubuntu 10.04 LTS (Lucid Lynx):released (4:4.4.5-0ubuntu1.2)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (4:4.7.3-0ubuntu0.1)
Patches:
Upstream:http://commits.kde.org/ark/6f6c0b1 (4.5)
Upstream:http://commits.kde.org/ark/7cf0033 (4.6)
Upstream:http://commits.kde.org/ark/ccb5448 (4.7)
Upstream:http://commits.kde.org/ark/e88d227 (trunk)
More Information

Valid XHTML 1.0 Strict

Updated: 2014-02-05 18:14:49 UTC (commit 7713)