Re: CVE Request: Ark path traversal

[Jeff Mitchell <mitchell () kde org>]

On 7/26/2011 3:58 PM, Josh Bressers wrote:
> ----- Original Message -----
> > Hello,
> >
> > Ark contains a path traversal vulnerability allowing a
> > maliciously-crafted zip file to allow for an arbitrary file to be
> > displayed and, if the user has appropriate credentials, removed.
> >
> > Can we please get a CVE for this?
>
> Do you have a URL or some other public information about this flaw?

It's not public yet as we're currently working on a fix.

Thanks,
Jeff