KDE Frameworks

KDE Frameworks Command Execution Vulnerability (CVE-2019-14744) Threat Alert

agosto 19, 2019


Recently, a security researcher took to Twitter to disclose a KDE Frameworks command injection vulnerability, which stems from the KDesktopfile class handling .desktop, .directory, and configuration files. An attacker could create malicious files of these types, which, once being viewed with the KDE file viewer, could trigger the vulnerability, leading to code execution without requiring any user interactions like executing such files. (mais…)


Inscreva-se no Blog da NSFOCUS