PT-2000-1830 · Kde · Kde

Published

2000-12-19

Updated

2008-09-05

CVE-2000-0918

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions KDE version 1.1.2

Description A format string issue in kvt may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters.

Recommendations For KDE version 1.1.2, consider restricting access to the DISPLAY environmental variable to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0918

Affected Products

Kde

PT-2000-1830 · Kde · Kde

CVE-2000-0918

Related Identifiers

Affected Products

References · 3