Red Hat Bugzilla – Bug 165606
EMBARGOED CAN-2005-2101 langen2kvtml tempfile vulnerability
Last modified: 2007-11-30 17:11:11 EST
Ben Burton notified the KDE security team about several tempfile handling
related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. The
script must be manually invoked.
The script uses known filenames in /tmp which allow a local attacker to
overwrite files writeable by the user invoking the conversion script.
This issue should also affect FC3.
Created attachment 117621
Proposed upstream patch
It's now fixed in kdeedu-3.4.2-0.fc4.2 (FC4) and kdeedu-3.4.2-0.fc3.2 (FC3).
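The report above describes a conversion script writing to known filenames in /tmp. The following is an added example of the usual hardening for that pattern; it is not the upstream patch or langen2kvtml's own code. It assumes a POSIX shell with `mktemp` available, and `convert_words`, `make_workdir` and the `convert.*` names are hypothetical.

```shell
#!/bin/sh
# Added example. convert_words, make_workdir and the "convert.*" names are
# hypothetical; they are not taken from langen2kvtml.

# Risky pattern, for contrast only: a fixed name in a world-writable directory.
#   sort "$in" > /tmp/convert.tmp
# Anything another local user placed at that path beforehand (a symlink, for
# instance) is opened and truncated with the invoking user's permissions.

# Create a private scratch directory: unpredictable name, mode 0700, and
# mktemp fails instead of reusing an existing entry.
make_workdir() {
    base=${1:-${TMPDIR:-/tmp}}
    mktemp -d "$base/convert.XXXXXXXXXX"
}

# Toy two-stage conversion (upper-case, then de-duplicate) whose intermediate
# files live only inside the private directory, so fixed names are safe there.
convert_words() {
    base=$1
    input=$2
    work=$(make_workdir "$base") || return 1
    status=0
    {
        printf '%s\n' "$input" | tr 'a-z' 'A-Z' > "$work/stage1" &&
        sort -u "$work/stage1" > "$work/stage2" &&
        cat "$work/stage2"
    } || status=$?
    rm -rf "$work"          # remove intermediates on success and on failure
    return "$status"
}
```

Because every intermediate file sits under a directory only the invoking user can enter, a link planted at a guessable path in the shared directory is never opened.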