CVE-2010-1511
Publication date 14 May 2010
Last updated 24 July 2024
Ubuntu priority
KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.
Status
Package | Ubuntu Release | Status |
---|---|---|
kdenetwork | 10.04 LTS lucid |
Fixed 4:4.4.2-0ubuntu4.1
|
9.10 karmic |
Not affected
|
|
9.04 jaunty |
Not affected
|
|
8.04 LTS hardy | Ignored end of life | |
6.06 LTS dapper | Ignored end of life |
References
Related Ubuntu Security Notices (USN)
- USN-938-1
- KDENetwork vulnerabilities
- 13 May 2010