Search for packages
| purl | pkg:deb/ubuntu/kde4libs@4:4.14.34-0ubuntu2 |
| Next non-vulnerable version | 4:4.14.38-0ubuntu3.1 |
| Latest non-vulnerable version | 4:4.14.38-0ubuntu3.1 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ezms-uxg1-aaar
Aliases: CVE-2019-14744 |
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-het3-uz92-aaah | Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads. |
CVE-2016-6232
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|