Bug 1107591 - (CVE-2018-1000801) VUL-0: CVE-2018-1000801: okular: Directory traversal in function unpackDocumentArchive() in core/document.cpp
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Component: KDE Applications
Version: Leap 42.3
Hardware: Other Other
Priority: P3 - Medium
Severity: Normal
Assigned To: E-Mail List
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/213875/
Whiteboard: CVSSv3:RedHat:CVE-2018-1000801:5.5:(A...
Reported: 2018-09-07 06:29 UTC by Marcus Meissner
Modified: 2019-05-05 14:38 UTC

Found By: Security Response Team
Description Marcus Meissner 2018-09-07 06:29:20 UTC
rh#1626265

okular version 18.08 and earlier contains a Directory Traversal vulnerability in
function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in
Arbitrary file creation on the user workstation. This attack appears to be
exploitable via: the victim must open a specially crafted Okular archive. This
issue appears to have been corrected in version 18.08.1.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1626265
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000801
https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47
https://bugs.kde.org/show_bug.cgi?id=398096
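
A defensive check for the class of bug described above, as an added example that is not Okular's code or its upstream fix: member names read from an untrusted archive are validated lexically before they are joined onto the extraction directory. The function names, the `EntryCheck` type and the sample member names are constructed for illustration.

```cpp
#include <iostream>
#include <string>
#include <vector>

enum class EntryCheck { Ok, Empty, Absolute, Traversal };

// Lexical check of one member name taken from an untrusted archive, done
// before the name is joined onto the extraction directory. No filesystem access.
EntryCheck checkEntryName(const std::string &name) {
    if (name.empty()) return EntryCheck::Empty;
    if (name[0] == '/' || name[0] == '\\') return EntryCheck::Absolute;
    if (name.size() >= 2 && name[1] == ':') return EntryCheck::Absolute; // drive letter
    std::size_t realComponents = 0;
    std::string comp;
    for (std::size_t i = 0; i <= name.size(); ++i) {
        if (i == name.size() || name[i] == '/' || name[i] == '\\') {
            if (comp == "..") return EntryCheck::Traversal; // strict: also rejects "a/../b"
            if (!comp.empty() && comp != ".") ++realComponents;
            comp.clear();
        } else {
            comp += name[i];
        }
    }
    return realComponents ? EntryCheck::Ok : EntryCheck::Empty;
}

// Builds the output path only for names that pass the check.
bool safeJoin(const std::string &destDir, const std::string &name, std::string &out) {
    if (checkEntryName(name) != EntryCheck::Ok) return false;
    out = destDir + "/" + name;
    return true;
}

// Returns the member names an extractor should refuse to write.
std::vector<std::string> rejectedEntries(const std::vector<std::string> &names) {
    std::vector<std::string> bad;
    for (const auto &n : names)
        if (checkEntryName(n) != EntryCheck::Ok) bad.push_back(n);
    return bad;
}

int main() {
    // Constructed member names, not taken from any real archive.
    const std::vector<std::string> names = {
        "metadata.xml", "docs/report.pdf", "../../outside.txt",
        "/tmp/outside.txt", "a/../../b", "C:\\temp\\file", "./"};
    for (const auto &n : rejectedEntries(names)) std::cout << "refuse: " << n << "\n";
    return 0;
}
```

The check is lexical only; an extractor that also restores symbolic links from the archive needs a separate check on link targets.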
Comment 1 Luca Beltrame 2018-09-10 15:37:53 UTC
Update is already queued for Tumbleweed, 15.0 was done right now. 42.3 following up.
Comment 2 Swamp Workflow Management 2018-09-10 16:30:09 UTC
This is an autogenerated message for OBS integration:
This bug (1107591) was mentioned in
https://build.opensuse.org/request/show/634778 15.0 / okular
https://build.opensuse.org/request/show/634779 42.3 / okular
Comment 3 Andreas Stieger 2018-09-10 17:47:08 UTC
> https://build.opensuse.org/request/show/634779 42.3 / okular

Does not build
Comment 4 Swamp Workflow Management 2018-09-10 21:40:07 UTC
This is an autogenerated message for OBS integration:
This bug (1107591) was mentioned in
https://build.opensuse.org/request/show/634802 42.3 / okular
Comment 5 Swamp Workflow Management 2018-09-11 07:30:06 UTC
This is an autogenerated message for OBS integration:
This bug (1107591) was mentioned in
https://build.opensuse.org/request/show/634880 Backports:SLE-12-SP3 / okular
Comment 6 Andreas Stieger 2018-09-15 08:08:45 UTC
done
Comment 7 Swamp Workflow Management 2018-09-15 13:10:28 UTC
openSUSE-SU-2018:2727-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1107591
CVE References: CVE-2018-1000801
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    okular-17.04.2-11.1
Comment 8 Swamp Workflow Management 2018-09-15 13:13:58 UTC
openSUSE-SU-2018:2733-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1107591
CVE References: CVE-2018-1000801
Sources used:
openSUSE Leap 42.3 (src):    okular-17.04.2-6.1
openSUSE Leap 15.0 (src):    okular-17.12.3-lp150.3.3.1
Comment 9 Swamp Workflow Management 2018-09-22 07:23:49 UTC
openSUSE-SU-2018:2733-2: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1107591
CVE References: CVE-2018-1000801
Sources used:
openSUSE Backports SLE-15 (src):    okular-17.12.3-bp150.3.3.1