安全公告详情

NS-SA-2025-1004

2025-03-28 00:00:00

简介

important: nde-archiver security update

严重级别

important

主题

An update for nde-archiver is now available for NewStartOS V4.5.2
NewStart Security has rated this update as having a security impact of critical.

详细描述

The nde archiver program of NewStartOS has an arbitrary code execution vulnerability, which can be exploited to execute arbitrary code. The attacker uses malicious code as the compressed file name and sends the malicious compressed file to the victim. The victim uses NewStartOS's default compressed file viewer to double-click and open the compressed file, triggering the malicious code.

影响组件

  • nde-archiver

影响产品

  • NewStartOS V4.5.2

更新包

{"fix":[{"product":"NewStartOS V4.5.2","pkgs":[{"binary":["nde-archiver-0.3.0-22.1.zncgsl6.x86_64.rpm","nde-archiver-l10n-0.3.0-22.1.zncgsl6.noarch.rpm "],"source":"nde-archiver-0.3.0-22.1.zncgsl6.src.rpm"}]}]}
NewStartOS V4.5.2
  • nde-archiver-0.3.0-22.1.zncgsl6.src.rpm
    • nde-archiver-0.3.0-22.1.zncgsl6.x86_64.rpm
    • nde-archiver-l10n-0.3.0-22.1.zncgsl6.noarch.rpm

CVE

参考

© 2004-2023 广东中兴新支点技术有限公司 版权所有 (www.gd-linux.com) 粤ICP备15061780号-2

全国服务热线:400-033-0108