1 |
type: security |
2 |
subject: Updated okular packages fix security vulnerability |
3 |
CVE: |
4 |
- CVE-2018-1000801 |
5 |
src: |
6 |
6: |
7 |
core: |
8 |
- okular-17.12.2-1.1.mga6 |
9 |
description: | |
10 |
okular version 18.08 and earlier contains a Directory Traversal |
11 |
vulnerability in function "unpackDocumentArchive(...)" in |
12 |
"core/document.cpp" that can result in Arbitrary file creation on the user |
13 |
workstation. This attack appear to be exploitable via he victim must open |
14 |
a specially crafted Okular archive (CVE-2018-1000801). |
15 |
references: |
16 |
- https://bugs.mageia.org/show_bug.cgi?id=23562 |
17 |
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YYAUHZUZOJFM57K33S2TT4PJT33WY7W3/ |
18 |
ID: MGASA-2018-0389 |