Bugtraq mailing list archives
Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability
From: "Vladimir '3APA3A' Dubrovin" <3APA3A () SECURITY NNOV RU>
Date: Fri, 14 May 2010 23:43:11 +0400
Dear Secunia Research,

SR> The vulnerability is caused by KGet downloading files without the
SR> user's acknowledgment, overwriting existing files of the same name
SR> when displaying a dialog box that allows a user to choose the file to
SR> download out of the options offered by a metalink file.

SR> The Common Vulnerabilities and Exposures (CVE) project has assigned
SR> CVE-2010-1511 for the vulnerability.

Is it the same vulnerability as CVE-2010-1000 or a different one?

(CVE-2010-1000: It was discovered that KGet did not properly perform input
validation when processing metalink files. If a user were tricked into
opening a crafted metalink file, a remote attacker could overwrite files via
directory traversal, which could eventually lead to arbitrary code
execution.)

--
Skype: Vladimir.Dubrovin
~/ZARAZA http://securityvulns.com/
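Both CVEs quoted above turn on the same input: the file names a metalink document hands to the downloader. CVE-2010-1000 is the traversal case (a name such as "../../.bashrc" escaping the download directory) and CVE-2010-1511 the silent-overwrite case (a name that collides with an existing file and is written without asking). The following is an added illustration, not part of this mailing-list exchange and not KGet's own code (KGet is C++/Qt; this is Python for clarity). It parses a constructed Metalink 3.0 document, shows the unsafe "join the name onto the destination and write" pattern next to a hardened variant that rejects anything but a plain file name and refuses to clobber an existing file. The sample XML, the destination directory and all function names are assumptions made for the example.

```python
import os
import tempfile
import xml.etree.ElementTree as ET

# Constructed sample in the Metalink 3.0 layout (http://www.metalinker.org/ namespace).
# The second and third entries carry the kind of names the two advisories concern:
# a relative traversal and an absolute path. This is test data, not a captured attack file.
SAMPLE_METALINK = """<?xml version="1.0" encoding="UTF-8"?>
<metalink version="3.0" xmlns="http://www.metalinker.org/">
  <files>
    <file name="fedora-13.iso">
      <resources><url type="http">http://example.invalid/fedora-13.iso</url></resources>
    </file>
    <file name="../../.bashrc">
      <resources><url type="http">http://example.invalid/payload</url></resources>
    </file>
    <file name="/etc/profile">
      <resources><url type="http">http://example.invalid/payload2</url></resources>
    </file>
  </files>
</metalink>
"""

NS = {"ml": "http://www.metalinker.org/"}


def file_names(metalink_xml):
    """Return the 'name' attribute of every <file> element, in document order."""
    root = ET.fromstring(metalink_xml)
    return [f.get("name", "") for f in root.findall(".//ml:file", NS)]


def naive_target(dest_dir, name):
    """The unsafe pattern: trust the attacker-supplied name and join it onto the
    download directory. os.path.join does not normalise '..' and discards dest_dir
    entirely when name is absolute, so both sample names land outside dest_dir."""
    return os.path.join(dest_dir, name)


class UnsafeName(ValueError):
    """Raised for a metalink file name that is not a plain, single-component name."""


def safe_target(dest_dir, name):
    """Hardened mapping of a metalink name to a path directly inside dest_dir."""
    if not name or name in (".", "..") or os.path.isabs(name):
        raise UnsafeName(name)
    if "/" in name or "\\" in name or "\x00" in name:
        raise UnsafeName(name)
    dest_real = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(dest_real, name))
    # Defence in depth: after resolution the parent must still be the download directory.
    if os.path.dirname(target) != dest_real:
        raise UnsafeName(name)
    return target


def save_without_clobber(dest_dir, name, data):
    """Create the target only if it does not exist yet (O_EXCL); an existing file
    makes os.open raise FileExistsError instead of being overwritten silently."""
    target = safe_target(dest_dir, name)
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o644)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


def triage(dest_dir, metalink_xml):
    """Classify each entry before downloading anything: 'rejected' (bad name),
    'exists' (would overwrite, so the user must be asked) or 'ok'."""
    result = {}
    for name in file_names(metalink_xml):
        try:
            target = safe_target(dest_dir, name)
        except UnsafeName:
            result[name] = "rejected"
            continue
        result[name] = "exists" if os.path.lexists(target) else "ok"
    return result


def run_scenario():
    """Constructed scenario in a temporary directory: triage the sample, download the
    one legitimate entry, then show that a second download of the same name is refused."""
    with tempfile.TemporaryDirectory() as d:
        before = triage(d, SAMPLE_METALINK)
        save_without_clobber(d, "fedora-13.iso", b"first download")
        after = triage(d, SAMPLE_METALINK)
        try:
            save_without_clobber(d, "fedora-13.iso", b"second download")
            clobbered = True
        except FileExistsError:
            clobbered = False
        return before, after, clobbered


if __name__ == "__main__":
    for n in file_names(SAMPLE_METALINK):
        print(repr(n), "->", naive_target("/home/user/Downloads", n))
    print(run_scenario())
```

The two checks are independent on purpose: the name validation in `safe_target` addresses the traversal class (CVE-2010-1000), while `O_EXCL` in `save_without_clobber` and the "exists" state in `triage` address the overwrite class (CVE-2010-1511). A downloader that only fixes one of them remains exposed to the other, which is exactly why the question of whether the two CVEs are the same issue matters.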
Current thread:
- Secunia Research: KDE KGet Insecure File Operation Vulnerability Secunia Research (May 13)
- Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability Vladimir '3APA3A' Dubrovin (May 14)