CVE-2021-26635 Information

Description

In the code that verifies the file size in the ark library it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result perform an attack such as remote code execution.

Reference

https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66747