Directory Traversal Vulnerability in Ark by KDE
CVE-2011-2725

Currently unrated

Key Information:

Vendor: Kde
Status: Kde Sc; Ark
Vendor: CVE Published:; 4 February 2014

What is CVE-2011-2725?

The directory traversal vulnerability in Ark versions 4.7.x and earlier enables remote attackers to exploit '..' (dot dot) sequences in a zip file. This flaw can allow unauthorized deletion or display of arbitrary files, potentially compromising sensitive information and system integrity. Users of affected versions should apply the latest updates to mitigate this risk.

References

http://lists.opensuse.org/opensuse-updates/2012-03/msg000...

vendor-advisoryx_refsource_SUSE

http://seclists.org/fulldisclosure/2011/Oct/351

mailing-listx_refsource_FULLDISC

https://bugzilla.redhat.com/show_bug.cgi?id=725764

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 4, 2014
Vulnerability Reserved
Jul 11, 2011

CVE-2011-2725 Data

JSON

Kde

What is CVE-2011-2725?

References

Timeline