Mandrake Linux Security Advisory : kdepim (MDKSA-2004:003)
High Nessus Plugin ID 14103
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA vulnerability was discovered in all versions of kdepim as distributed with KDE versions 3.1.0 through 3.1.4. This vulnerability allows for a carefully crafted .VCF file to potentially enable a local attacker to compromise the privacy of a victim's data or execute arbitrary commands with the victim's privileges. This can also be used by remote attackers if the victim enables previews for remote files;
however this is disabled by default.
The provided packages contain a patch from the KDE team to correct this problem.
SolutionUpdate the affected packages.