KDE 3.0.x KPF Icon Option File Disclosure Vulnerability

ID SSV:75749
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.

                                                source: http://www.securityfocus.com/bid/5951/info

A vulnerability has been discovered in the kpf file sharing utility. KDE is available for the Linux operating system.

It has been reported that by passing a malicious file request to kpf, it is possible for a remote attacker to access files outside of the 'shared directory' root. The ability to read files outside of the shared root directory would be dependent upon the privileges of the kpf process.