CVE-2010-1511
Published: 14 May 2010
KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.
Priority
Status
Package | Release | Status |
---|---|---|
kdenetwork Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
jaunty |
Not vulnerable
|
|
karmic |
Not vulnerable
|
|
lucid |
Released
(4:4.4.2-0ubuntu4.1)
|
|
upstream |
Needs triage
|