FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

kdepimlibs -- directory traversal on KTNEF

Affected packages
kdepimlibs < 4.14.10_7

Details

VuXML ID e550fc62-069a-11e7-8e3e-5453ed2e2b49
Discovery 2017-02-27
Entry 2017-03-11

Albert Aastals Cid reports:

A directory traversal issue was found in KTNEF which can be exploited by tricking a user into opening a malicious winmail.dat file. The issue allows to write files with the permission of the user opening the winmail.dat file during extraction.

[source]

References

URL https://www.kde.org/info/security/advisory-20170227-1.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.