Subject: [ASA-201701-18] ark: arbitrary command execution Arch Linux Security Advisory ASA-201701-18 ========================================== Severity: High Date : 2017-01-13 CVE-ID : CVE-2017-5330 Package : ark Type : arbitrary command execution Remote : No Link : https://security.archlinux.org/AVG-130 Summary ======= The package ark before version 16.12.1-1 is vulnerable to arbitrary command execution. Resolution ========== Upgrade to 16.12.1-1. # pacman -Syu "ark>=16.12.1-1" The problem has been fixed upstream in version 16.12.1. Workaround ========== None. Description =========== Opening an url with ark will call KRUN::runURL() which detects the mime-type of the url and runs the appropriate service for that mimetype when found. This leads to unintended execution of scripts and executable files. Impact ====== An attacker can execute arbitrary command on the affected host by tricking a user into opening an executable file from an archive. References ========== https://www.kde.org/info/security/advisory-20170112-1.txt http://seclists.org/oss-sec/2017/q1/45 https://cgit.kde.org/ark.git/commit/?id=82fdfd24d46966a117fa625b68784735a40f9065 https://bugs.kde.org/show_bug.cgi?id=374572 https://security.archlinux.org/CVE-2017-5330