diff options
author | miwi <miwi@FreeBSD.org> | 2011-11-14 03:25:46 +0000 |
---|---|---|
committer | miwi <miwi@FreeBSD.org> | 2011-11-14 03:25:46 +0000 |
commit | 60766fa91697722890579e02dd190000420b7da7 (patch) | |
tree | 306f11197b0084b419febb9a3242f65edc0272dc | |
parent | 0a3602badd0612e1bdae2b110bcf46b5ad95fcca (diff) | |
download | FreeBSD-ports-60766fa91697722890579e02dd190000420b7da7.zip FreeBSD-ports-60766fa91697722890579e02dd190000420b7da7.tar.gz |
- Fix previous entry
Feature safe: yes
-rw-r--r-- | security/vuxml/vuln.xml | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b421239..093897f 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -47,14 +47,14 @@ Note: Please add new entries to the beginning of this file. <p>Tim Brown from Nth Dimention reports:</p> <blockquote cite="http://seclists.org/fulldisclosure/2011/Oct/351"> <p>I recently discovered that the Ark archiving tool is - vulnerable to directory traversal via malformed. When - attempts are made to view files within the malformed Zip - file in Ark's default view, the wrong file may be displayed - due to incorrect construction of the temporary file name. - Whilst this does not allow the wrong file to be overwritten, - after closing the default view, Ark will then attempt to - delete the temporary file which could result in the deletion - of the incorrect file.</p> + vulnerable to directory traversal via malformed. When + attempts are made to view files within the malformed Zip + file in Ark's default view, the wrong file may be displayed + due to incorrect construction of the temporary file name. + Whilst this does not allow the wrong file to be overwritten, + after closing the default view, Ark will then attempt to + delete the temporary file which could result in the deletion + of the incorrect file.</p> </blockquote> </body> </description> |