CVE-2017-5330

Опубликовано: 27 мар. 2017

Источник: debian

Описание

ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.

Пакет	Статус	Версия исправления	Релиз	Тип
ark	fixed	4:16.08.3-2		package
ark	not-affected		jessie	package
ark	not-affected		wheezy	package

Fixed by: https://github.com/KDE/ark/commit/82fdfd24d46966a117fa625b68784735a40f9065
"Open File" action introduced in https://github.com/KDE/ark/commit/f1cf10f25af245823f81b8ff457a04c7593dede7 (v15.11.80)

CVE-2017-5330

CVSS3: 7.8

ubuntu

почти 9 лет назад

ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.

CVE-2017-5330

CVSS3: 7.8

redhat

около 9 лет назад

ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.

CVE-2017-5330

CVSS3: 7.8

nvd

почти 9 лет назад

ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.

GHSA-fvqq-96pq-qq6m

CVSS3: 7.8

github

больше 3 лет назад

ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.