CVE-2011-2725: Path Traversal
First published: Tue Jul 26 2011(Updated: )
A path traversal flaw was found in the way Ark, the tool for managing various archive formats within the KDE environment, processed certain Zip archives. A remote attacker could provide a specially-crafted Zip archive, which once opened in the Ark GUI frontend would lead to arbitrary file being opened or, potentially, if the local victim provided correct user credentials could allow that file to be removed. References: [1] <a href="http://www.openwall.com/lists/oss-security/2011/07/25/9">http://www.openwall.com/lists/oss-security/2011/07/25/9</a> [2] <a href="https://bugzilla.novell.com/show_bug.cgi?id=708268">https://bugzilla.novell.com/show_bug.cgi?id=708268</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| KDE Ark | <=2.17 | |
| KDE SC | <=4.7.4 | |
| KDE SC | =4.7.0 | |
| KDE SC | =4.7.1 | |
| KDE SC | =4.7.2 | |
| KDE SC | =4.7.3 | |
| Ubuntu Linux | =10.04 | |
| Ubuntu Linux | =10.10 | |
| Ubuntu Linux | =11.04 | |
| Ubuntu Linux | =11.10 | |
| openSUSE | =11.4 | |
| Ubuntu | =10.10 | |
| Ubuntu | =11.04 | |
| Ubuntu | =11.10 | |
| Ubuntu | =10.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-updates/2012-03/msg00002.html
- https://bugzilla.redhat.com/show_bug.cgi?id=725764
- http://seclists.org/fulldisclosure/2011/Oct/351
- http://packetstormsecurity.com/files/105610/Ark-2.16-Directory-Traversal.html
- http://www.ubuntu.com/usn/USN-1276-1
- https://bugzilla.novell.com/show_bug.cgi?id=708268
- http://www.openwall.com/lists/oss-security/2011/07/25/9
- http://www.nth-dimension.org.uk/
- http://www.machine.org.uk/
- http://utils.kde.org/projects/ark
- http://www.kde.org/
- https://access.redhat.com/security/cve/CVE-2011-2725
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=744215
- http://commits.kde.org/ark/ccb5448eb2aedd150313ea0af431a9b754176975
- http://commits.kde.org/ark/e88d2277a2ffa702b1f6f95ffd585fb0b2ec6210
- http://commits.kde.org/ark/6f6c0b18b3569ae2b5b6f65dc7ea626a8b7c03c0
- http://commits.kde.org/ark/7cf00339ff1b7764fd6b603d796b51cee5d8503c
- http://websvn.kde.org/?view=revision&revision=1259333
- http://websvn.kde.org/?view=revision&revision=1259334
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=725764#c5
Frequently Asked Questions
What is the severity of CVE-2011-2725?
CVE-2011-2725 is classified as a medium severity vulnerability due to the potential for arbitrary file access.
Which versions of KDE SC are affected by CVE-2011-2725?
CVE-2011-2725 affects KDE SC versions up to 4.7.4, including specific versions 4.7.0 through 4.7.3.
How do I fix CVE-2011-2725?
To fix CVE-2011-2725, users should update their KDE SC to a fixed version beyond 4.7.4 or apply any available patches.
Can CVE-2011-2725 be exploited remotely?
Yes, an attacker can exploit CVE-2011-2725 remotely by crafting a malicious Zip archive that, when opened, accesses arbitrary files.
What software does CVE-2011-2725 affect?
CVE-2011-2725 primarily affects KDE Ark and various versions of KDE SC within the KDE environment.
- agent/first-publish-date
- agent/references
- agent/type
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-2725
- agent/last-modified-date
- agent/weakness
- agent/event
- agent/trending
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- vendor/kde
- canonical/kde ark
- version/kde ark/2.17
- canonical/kde sc
- version/kde sc/4.7.4
- version/kde sc/4.7.0
- version/kde sc/4.7.1
- version/kde sc/4.7.2
- version/kde sc/4.7.3
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/10.04
- version/ubuntu linux/10.10
- version/ubuntu linux/11.04
- version/ubuntu linux/11.10
- vendor/opensuse
- canonical/opensuse
- version/opensuse/11.4
- canonical/ubuntu
- version/ubuntu/10.10
- version/ubuntu/11.04
- version/ubuntu/11.10
- version/ubuntu/10.04