Описание
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 5.44.0-0ubuntu1.1 |
| devel | not-affected | 5.60.0-0ubuntu2 |
| disco | released | 5.56.0-0ubuntu1.1 |
| eoan | not-affected | 5.60.0-0ubuntu2 |
| esm-apps/bionic | released | 5.44.0-0ubuntu1.1 |
| esm-apps/focal | not-affected | 5.60.0-0ubuntu2 |
| esm-apps/jammy | not-affected | 5.60.0-0ubuntu2 |
| esm-apps/xenial | released | 5.18.0-0ubuntu1.1 |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | 5.60.0-0ubuntu2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 4:4.14.38-0ubuntu3.1 |
| devel | DNE | |
| disco | released | 4:4.14.38-0ubuntu6.1 |
| eoan | DNE | |
| esm-apps/bionic | released | 4:4.14.38-0ubuntu3.1 |
| esm-apps/xenial | released | 4:4.14.16-0ubuntu3.3 |
| esm-infra-legacy/trusty | released | 4:4.13.3-0ubuntu0.5+esm1 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE |
Показывать по
Ссылки на источники
5.1 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and c ...
5.1 Medium
CVSS2
7.8 High
CVSS3