VYPR
High severity7.5NVD Advisory· Published Aug 2, 2016· Updated Jun 17, 2026

CVE-2016-6232

CVE-2016-6232

Description

Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • KDE/Karchives2 versions
    cpe:2.3:a:kde:karchives:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:kde:karchives:*:*:*:*:*:*:*:*range: <=5.24
    • (no CPE)range: <5.24
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 2 more
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.