KDE Multiple URI Handler Vulnerabilities

It has been reported that KDE is prone to multiple input validation vulnerabilities in various URI handlers. The issues are reported to exist due to insufficient sanitization of user-supplied input by the telnet, rlogin, ssh and mailto URI handlers. Specifically, if a '-' character is present at the beginning of a host name, options may be passed to the programs to carry out an attack.


 

Privacy Statement
Copyright 2010, SecurityFocus