QwikSec

Security Database

CVE

CWE

Training

CVE-2018-1000801

Published: Sep 6, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[debian-lts-announce] 20180923 [SECURITY] [DLA 1516-1] okular security update

mailing-list

x_refsource_MLIST

https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

https://bugs.kde.org/show_bug.cgi?id=398096

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.