RHSA-2011:0465-01 -- Redhat kdenetworkID: oval:org.secpod.oval:def:500236 | Date: (C)2012-01-31 (M)2023-11-13 |
Class: PATCH | Family: unix |
The kdenetwork packages contain networking applications for the K Desktop Environment . A directory traversal flaw was found in the way KGet, a download manager, handled the file element in Metalink files. An attacker could use this flaw to create a specially-crafted Metalink file that, when opened, would cause KGet to overwrite arbitrary files accessible to the user running KGet. Users of kdenetwork should upgrade to these updated packages, which contain a backported patch to resolve this issue. The desktop must be restarted for this update to take effect.
Platform: |
Red Hat Enterprise Linux 6 |