---

KDE K-Mail File Creation Vulnerability

Thanks to Matt Perry for
this report.

Internet Security Systems (ISS) X-Force has discovered a
vulnerability in KDE’s K-Mail mail user agent software. K-Mail
contains a vulnerability that may allow local attackers to
compromise the UID of whoever is running K-Mail. The mail client
creates insecure temporary directories that are used to store MIME
encoded files.

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis