PT-2003-2119 · Kde · Kpopup

Published 2003-12-31 · Updated 2017-07-11 · CVE-2003-1167

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

KPopup version 0.9.1

Description

KPopup trusts the PATH environment variable when it executes the killall command. A local user can potentially elevate privileges by modifying PATH so that it points to a malicious killall program.

Recommendations

For KPopup version 0.9.1, consider restricting access to the PATH variable or using an absolute path when executing the killall command to prevent exploitation. As a temporary workaround, avoid using the killall command in KPopup until a patch is available.
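The absolute-path recommendation above, as an added C example (not KPopup's own code): a helper program is started with `execve` by absolute path and a fixed environment, so the caller's PATH is never searched or inherited. The function names, the fixed PATH value and the sample arguments are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Fixed environment handed to the child; the caller's PATH is not inherited.
 * The value is an assumption, adjust it to the target system. */
static char *const SAFE_ENV[] = { "PATH=/usr/bin:/bin", NULL };

/* Run an external helper by absolute path with the fixed environment.
 * Returns the child's exit status, or -1 if the request is rejected or fails. */
int run_trusted(const char *abs_path, char *const argv[])
{
    if (abs_path == NULL || abs_path[0] != '/')
        return -1;                        /* a bare name would need a PATH lookup */
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execve(abs_path, argv, SAFE_ENV); /* no shell, no PATH search */
        _exit(127);                       /* only reached if execve failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* Returns 1 if a child started through run_trusted() sees the fixed PATH. */
int child_sees_fixed_path(void)
{
    char *const argv[] = { "sh", "-c", "test \"$PATH\" = /usr/bin:/bin", NULL };
    return run_trusted("/bin/sh", argv) == 0;
}

int main(void)
{
    /* Constructed input: a caller-controlled PATH with an untrusted first entry. */
    setenv("PATH", "/tmp/untrusted:/usr/bin:/bin", 1);
    char *const bare[] = { "killall", "-0", "kpopup", NULL }; /* sample arguments */
    printf("bare name rejected:  %d\n", run_trusted("killall", bare) == -1);
    printf("child PATH is fixed: %d\n", child_sees_fixed_path());
    return 0;
}
```

A real call would pass the full path of the installed killall binary (commonly `/usr/bin/killall`, which is an assumption about the system) as `abs_path`.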


Related identifiers

CVE-2003-1167

Affected products

Kpopup