It has been found that the Far file manager does not handle path names correctly. This can result in a buffer overflow condition that allows code execution. An example script to crash Far 1.70beta1 and 1.70beta4 is included. The Far developers (Rarlab) will fix this in version 1.70beta5.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/30810/security-nnov.far.txt
Source: https://packetstormsecurity.com/files/30810/security-nnov.far.txt.html