KDE Personal Information Management suite "kdepim" contains a buffer overflow vulnerability. Exploitation of this vulnerability could lead to the arbitrary execution of commands.
KDE Personal Information Management suite shipped with KDE versions 3.1.0 through 3.1.4 contains a buffer overflow vulnerability in the processing of VCF files.
If an attacker can trick a victim into opening a specially crafted .VCF file, the attacker may be able to gain information about a victim's data or execute arbitrary commands
An attacker may be able to gain information about a victim's data or execute arbitrary commands with the victim's privileges.
This vulnerability was discovered by Dirk Mueller of KDE and reported in their advisory.
This document was written by Stacey Stewart.
|Date First Published:||2004-01-27|
|Date Last Updated:||2004-01-27 20:10 UTC|