o bandisoft Co.,Ltd released security update to address heap overflow vulnerability in ARK library.
|Heap based buffer overflow
||arbitrary code execution
o A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the Ark_DigPathA function parsed a file path. (CVE-2021-26603)
o This vulnerability is due to missing support for string length check.
□ Affected Product
||prior to 188.8.131.52 version
o Update software over 184.108.40.206 version or higher.
o Thanks to Jaeyoung Jeong for reporting this vulnerability.
□ 작성 : 침해사고분석단 취약점분석팀