CVE 2011-2725
Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.
See the
CVE page on Mitre.org
for more details.