Vigil@nce - KDE Ark: file deletion via ZIP
August 2011 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can invite the victim to open a malicious ZIP archive
with KDE Ark, in order to display or to remove a file on the local
system.
Severity: 2/4
Creation date: 27/07/2011
IMPACTED PRODUCTS
– Unix - platform
DESCRIPTION OF THE VULNERABILITY
The KDE Utilities Ark program manages archives, and supports the
formats tar, gzip, bzip2, zip, etc.
A ZIP archive can contain entry paths with "../" components, which
refer to locations outside the archive extraction directory. However,
Ark does not filter these malicious paths. Technical details are
unknown.
An attacker can therefore invite the victim to open a malicious
ZIP archive with KDE Ark, in order to display or to remove a file
on the local system.
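The check an archive tool needs before touching the filesystem, as an added example written for this bulletin (it is not Ark's code, and the extraction directory and the member names in the constructed sample are assumptions): every member path is resolved against the destination directory, and the whole archive is refused if any member would land outside it.

```python
import io
import os
import zipfile


def is_safe_member(name: str, dest: str) -> bool:
    """True only if the member's resolved path stays inside dest.

    Rejects absolute paths and drive letters outright, then resolves
    '..' segments and compares the normalised result with dest, so
    'a/../b.txt' (still inside) passes while '../../x' does not.
    """
    if name.startswith(("/", "\\")) or os.path.splitdrive(name)[0]:
        return False
    dest_abs = os.path.abspath(dest)
    target = os.path.abspath(os.path.join(dest_abs, name))
    return os.path.commonpath([dest_abs, target]) == dest_abs


def find_unsafe_members(data: bytes, dest: str) -> list:
    """Return the names of all members that would escape dest."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [n for n in zf.namelist() if not is_safe_member(n, dest)]


def vet_archive(data: bytes, dest: str) -> list:
    """Refuse the entire archive if any member is unsafe.

    Returning the accepted member list only when every entry passes
    means a crafted archive cannot rely on partial extraction.
    """
    bad = find_unsafe_members(data, dest)
    if bad:
        raise ValueError("archive contains unsafe paths: %r" % bad)
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return zf.namelist()


def build_sample_zip() -> bytes:
    """Constructed sample: one benign member and two traversal attempts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", b"harmless")
        zf.writestr("../../.bashrc", b"would land in the home directory")
        zf.writestr("/etc/passwd", b"absolute path")
    return buf.getvalue()
```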
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/KDE-Ark-file-deletion-via-ZIP-10872