PT-2002-1563 · Kde · Kde
Published: 2002-08-12 · Updated: 2008-09-05 · CVE-2002-0512
CVSS v2.0: 4.6 (Medium)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
KDE versions 2.3 through 3.1.1
Description
The issue allows local users to gain the privileges of other users running startkde via Trojan horse libraries, because startkde in KDE sets the LD_LIBRARY_PATH environment variable to include the current working directory.
Recommendations
For versions 2.3 through 3.1.1, consider restricting the use of the LD_LIBRARY_PATH environment variable to prevent the inclusion of the current working directory, or apply configuration changes to prevent the execution of Trojan horse libraries.
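One way to check a startup script's LD_LIBRARY_PATH value for entries that resolve to the current working directory, as an added example that is not taken from this advisory or from KDE. The function names and the sample values (including `/opt/kde/lib`) are constructed for illustration; the check relies on the documented ld.so behaviour that an empty list entry means the current directory.

```shell
#!/bin/sh
# The dynamic loader treats an empty LD_LIBRARY_PATH entry (leading, trailing
# or doubled separator) as the current working directory, the same as "." or
# any other relative entry. Hypothetical helper names throughout.

# Print "position:entry" for every entry that depends on the cwd.
risky_lib_path_entries() {
    rl_rest=$(printf '%s' "$1" | tr ';' ':')   # ld.so accepts ':' and ';'
    [ -n "$rl_rest" ] || return 0              # empty value: nothing to report
    rl_idx=0
    while :; do
        rl_idx=$((rl_idx + 1))
        case $rl_rest in
            *:*) rl_entry=${rl_rest%%:*}; rl_rest=${rl_rest#*:}; rl_more=1 ;;
            *)   rl_entry=$rl_rest; rl_more=0 ;;
        esac
        case $rl_entry in
            '') echo "$rl_idx:<empty>" ;;       # e.g. trailing colon
            /*) ;;                              # absolute: not cwd-dependent
            *)  echo "$rl_idx:$rl_entry" ;;     # "." or other relative path
        esac
        [ "$rl_more" -eq 1 ] || break
    done
    return 0
}

# Succeeds only when no entry depends on the current working directory.
lib_path_is_safe() {
    [ -z "$(risky_lib_path_entries "$1")" ]
}

# Prepend DIR ($1) to an existing value ($2) without creating an empty entry.
# The naive "$1:$2" yields a trailing colon whenever $2 is unset or empty.
safe_prepend() {
    printf '%s\n' "$1${2:+:$2}"
}

# Constructed sample values, not taken from any real startkde script.
for sample in "/opt/kde/lib:" ":/usr/lib" "/a::/b" "/a:." "/usr/lib:/opt/kde/lib"; do
    if lib_path_is_safe "$sample"; then verdict=safe; else verdict=RISKY; fi
    printf '%-26s %s\n' "[$sample]" "$verdict"
done
```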
Fix
Related Identifiers
Affected Products
Kde