CVE-2010-1000

NameCVE-2010-1000
DescriptionDirectory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kdenetworksourcelenny(not affected)
kdenetworksource(unstable)4:4.4.3-2

Notes

[lenny] - kdenetwork <not-affected> (Metalink plugin not yet present)
http://seclists.org/fulldisclosure/2010/May/165

Search for package or bug name: Reporting problems