In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-08-07T14:30:35
Updated: 2019-09-03T19:06:14
Reserved: 2019-08-07T00:00:00
Link: CVE-2019-14744
JSON object: View
NVD Information
Status : Modified
Published: 2019-08-07T15:15:13.970
Modified: 2023-11-07T03:05:18.183
Link: CVE-2019-14744
JSON object: View
Redhat Information
No data.
CWE