Threat Encyclopedia

KDE.KConfig.Dreictory.ICON.File.Remote.Code.Injection

description-logoDescription

This indicates an attack attempt to exploit a Code Injection vulnerability in KDE Frameworks KConfig.
The vulnerability is due to an error in the application when handling a craft file. A remote attacker may be able exploit this to execute arbitrary code within the context of the application.

affected-products-logoAffected Products

KDE KConfig before version 5.61.0
Debian Linux 9.0
Debian Linux 10.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

CVE References

CVE-2019-14744