Published: 04/02/2014 Updated: 30/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Directory traversal vulnerability in Ark 4.7.x and previous versions allows remote malicious users to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

kde ark

kde kde sc 4.7.0

kde kde sc 4.7.1

kde kde sc 4.7.2

kde kde sc 4.7.3

kde kde sc

canonical ubuntu linux 10.04

canonical ubuntu linux 10.10

canonical ubuntu linux 11.04

canonical ubuntu linux 11.10

opensuse opensuse 11.4

Vendor Advisories

Ark could be made to remove files ...

Mailing Lists

Ark version 216 suffers from a directory traversal vulnerability when handling a malformed ZIP file ...