The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kde kde 1.1 |
||
kde kde 1.1.1 |
||
kde kde 1.2 |
||
kde kde 2.0_beta |