FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

kdelibs -- insecure temporary file creation

Affected packages
ja-kdelibs < 3.3.2_5
kdelibs < 3.3.2_5

Details

VuXML ID 29dd0065-81fa-11d9-a9e7-0001020eed82
Discovery 2005-01-21
Entry 2005-02-18
Modified 2005-02-20

Davide Madrisan reports:

The `dcopidlng' script in the KDE library package (kdelibs-3.3.2/dcop/dcopidlng/dcopidlng) creates temporary files in a unsecure manner.

[source]

Note: dcopidlng is only used at build time, so only users installing KDE are vulnerable, not users already running KDE.

References

CVE Name CVE-2005-0365
Message 200502110916.48921.davide.madrisan@qilinux.it
URL http://bugs.kde.org/show_bug.cgi?id=97608

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.