USN-4482-1: Ark vulnerability

  • Thread starter Ubuntu security notices
  • Start date
U

Ubuntu security notices

Guest
Fabian Vogt discovered that Ark incorrectly handled symbolic links in tar archive files. An attacker could use this to construct a malicious tar archive that, when opened, would create files outside the extraction directory.

Continue reading...
 
Top