Description
The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands.
References (3)
Core 3
Core References
Various Sources x_refsource_confirm
http://kopete.kde.org/index.php?page=newsstory&news=Kopete_releases_version_0.6.2
Vendor Advisory vendor-advisory
x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000665
Vendor Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2003:055
Scores
EPSS
0.0098
EPSS Percentile
77.0%
Details
Status
published
Products (1)
kde/kopete
0.6.1
Published
May 27, 2003
Tracked Since
Feb 18, 2026