{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2018-09-03T00:00:00", "datePublic": "2018-08-31T00:00:00", "descriptions": [{"lang": "en", "value": "okular version 18.08 and earlier contains a Directory Traversal vulnerability in function \"unpackDocumentArchive(...)\" in \"core/document.cpp\" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-11-10T10:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[debian-lts-announce] 20180923 [SECURITY] [DLA 1516-1] okular security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00027.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47"}, {"name": "GLSA-201811-08", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201811-08"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.kde.org/show_bug.cgi?id=398096"}, {"name": "DSA-4303", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4303"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2018-09-03T16:07:16.983221", "DATE_REQUESTED": "2018-09-01T10:41:39", "ID": "CVE-2018-1000801", "REQUESTER": "joran.herve@gmail.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "okular version 18.08 and earlier contains a Directory Traversal vulnerability in function \"unpackDocumentArchive(...)\" in \"core/document.cpp\" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[debian-lts-announce] 20180923 [SECURITY] [DLA 1516-1] okular security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00027.html"}, {"name": "https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47", "refsource": "CONFIRM", "url": "https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47"}, {"name": "GLSA-201811-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201811-08"}, {"name": "https://bugs.kde.org/show_bug.cgi?id=398096", "refsource": "CONFIRM", "url": "https://bugs.kde.org/show_bug.cgi?id=398096"}, {"name": "DSA-4303", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4303"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:40:47.881Z"}, "title": "CVE Program Container", "references": [{"name": "[debian-lts-announce] 20180923 [SECURITY] [DLA 1516-1] okular security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00027.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47"}, {"name": "GLSA-201811-08", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201811-08"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.kde.org/show_bug.cgi?id=398096"}, {"name": "DSA-4303", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4303"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000801", "datePublished": "2018-09-06T18:00:00", "dateReserved": "2018-09-01T00:00:00", "dateUpdated": "2024-08-05T12:40:47.881Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kde:okular:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A0E8A6A-A148-4134-ADB2-B07209E5282D", "versionEndIncluding": "18.08", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "okular version 18.08 and earlier contains a Directory Traversal vulnerability in function \"unpackDocumentArchive(...)\" in \"core/document.cpp\" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1"}, {"lang": "es", "value": "okular en versiones 18.08 y anteriores contiene una vulnerabilidad de salto de directorio en la funci\u00f3n \"unpackDocumentArchive(...)\" en \"core/document.cpp\" que puede resultar en la creaci\u00f3n de archivos arbitrarios en la estaci\u00f3n de trabajo del usuario. El ataque parece ser explotable si una v\u00edctima abre un archivo Okular especialmente manipulado. El problema parece haber sido solucionado en la versi\u00f3n 18.08.1."}], "id": "CVE-2018-1000801", "lastModified": "2024-11-21T03:40:23.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-06T18:29:00.397", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.kde.org/show_bug.cgi?id=398096"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00027.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201811-08"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4303"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.kde.org/show_bug.cgi?id=398096"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00027.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201811-08"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4303"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2020:1173", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "okular-0:4.10.5-8.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-03-31T00:00:00Z"}], "bugzilla": {"description": "okular: Directory traversal in function unpackDocumentArchive() in core/document.cpp", "id": "1626265", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626265"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "status": "verified"}, "cwe": "CWE-22", "details": ["okular version 18.08 and earlier contains a Directory Traversal vulnerability in function \"unpackDocumentArchive(...)\" in \"core/document.cpp\" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1", "A path traversal vulnerability has been discovered in Okular, in the way it creates temporary files when reading an Okular archive. Paths are read from content.xml and they are not properly sanitized before being used as template file names for the temporary files created when extracting the Okular archive, thus allowing a local attacker to write files outside the target temporary directory."], "mitigation": {"lang": "en:us", "value": "Check Okular archives with `unzip -l <archive-name>.okular` before opening them. Do not open them with Okular if they contain files with \"../\"."}, "name": "CVE-2018-1000801", "public_date": "2018-09-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-1000801\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-1000801"], "threat_severity": "Moderate"}