5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.005 Low
EPSS
Percentile
73.8%
The kdenetwork packages contain networking applications for the K Desktop
Environment (KDE).
A directory traversal flaw was found in the way KGet, a download manager,
handled the “file” element in Metalink files. An attacker could use this
flaw to create a specially-crafted Metalink file that, when opened, would
cause KGet to overwrite arbitrary files accessible to the user running
KGet. (CVE-2011-1586)
Users of kdenetwork should upgrade to these updated packages, which contain
a backported patch to resolve this issue. The desktop must be restarted
(log out, then log back in) for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | s390x | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.s390x.rpm |
RedHat | 6 | x86_64 | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.x86_64.rpm |
RedHat | 6 | ppc | kdenetwork-debuginfo | < 4.3.4-11.el6_0.1 | kdenetwork-debuginfo-4.3.4-11.el6_0.1.ppc.rpm |
RedHat | 6 | src | kdenetwork | < 4.3.4-11.el6_0.1 | kdenetwork-4.3.4-11.el6_0.1.src.rpm |
RedHat | 6 | ppc64 | kdenetwork-debuginfo | < 4.3.4-11.el6_0.1 | kdenetwork-debuginfo-4.3.4-11.el6_0.1.ppc64.rpm |
RedHat | 6 | ppc64 | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.ppc64.rpm |
RedHat | 6 | i686 | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm |
RedHat | 6 | ppc | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.ppc.rpm |
RedHat | 6 | s390 | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.s390.rpm |
RedHat | 6 | ppc64 | kdenetwork | < 4.3.4-11.el6_0.1 | kdenetwork-4.3.4-11.el6_0.1.ppc64.rpm |