Kde · Kphone · CVE-2006-2442
**Name of the Vulnerable Software and Affected Versions**
kphone version 4.2
**Description**
The issue allows local users to read usernames and SIP passwords due to world-readable permissions of the .qt/kphonerc file created by kphone.
**Recommendations**
For kphone version 4.2, consider changing the permissions of the .qt/kphonerc file to prevent world-readable access, or restrict local user access to sensitive information stored in this file.