December 10, 2009

Ubuntu Security Notice 871-2: KDE 4 vulnerabilities

Article Source Ubuntu Security Notices
December 10, 2009, 6:54 pm
¬â 
USN-871-1 fixed vulnerabilities in KDE. This update provides the corresponding updates for KDE 4. This update also fixes a directory traversal flaw in KDE when processing help:// URLs. This issue only affected Ubuntu 8.10. Original advisory details: It was discovered that the KDE libraries could use KHTML to process an unknown MIME type. If a user or application linked against kdelibs were tricked into opening a crafted file, an attacker could potentially trigger XMLHTTPRequests to remote sites...
¬â