Advisories ยป MGASA-2018-0389

Updated okular packages fix security vulnerability

Publication date: 21 Sep 2018
Modification date: 21 Sep 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-1000801

Description

okular version 18.08 and earlier contains a Directory Traversal
vulnerability in function "unpackDocumentArchive(...)" in
"core/document.cpp" that can result in Arbitrary file creation on the user
workstation. This attack appear to be exploitable via he victim must open
a specially crafted Okular archive (CVE-2018-1000801).
                

References

SRPMS

6/core