CVE-2000-0918

KDE 1.1.2 - Command Injection

Title source: llm

Description

Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters.

References (2)

[Patch] http://www.securityfocus.com/archive/1/83914

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/1700

Scores

EPSS 0.0006

EPSS Percentile 18.9%

Classification

Status draft

Affected Products (1)

kde/kvt

Timeline

Published Dec 19, 2000

Tracked Since Feb 18, 2026