Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
bandisoft ARK library integer overflow vulnerability
Vulnerability Description
ARK library allows attackers to execute remote code via the parameter(path value) of Ark_NormalizeAndDupPAthNameW function because of an integer overflow.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
ARK library 输入验证错误漏洞
Vulnerability Description
Bandisoft ARK library是韩国Bandisoft公司的一个解压Windows、macOS、Linux等各种OS环境中现有的ZIP、RAR、ALZ、EGG等大多数压缩格式的库,并创建ZIP/7Z格式的压缩文件。 ARK library 存在安全漏洞,该漏洞允许攻击者通过 Ark_NormalizeAndDupPAthNameW 函数的参数(路径值)执行远程代码。
CVSS Information
N/A
Vulnerability Type
N/A