March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – LokiBot Gains New Persistence Mechanism, Uses Steganography to Hide Its Tracks
August 7, 2019Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
August 7, 2019Rewterz Threat Alert – LokiBot Gains New Persistence Mechanism, Uses Steganography to Hide Its Tracks
August 7, 2019Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
August 7, 2019
Severity
High
Analysis Summary
KDE is vulnerable to a command injection vulnerability in the KDesktopFile class. When a .desktop or .directory file is instantiated, it unsafely evaluates environment variables and shell expansions using KConfigPrivate::expandString() via the KConfigGroup::readEntry() function. Using a specially crafted .desktop file a remote user could be compromised by simply downloading and viewing the file in their file manager, or by drag and dropping a link of it into their documents or desktop.
Impact
Command injection
Affected Vendors
Linux
Affected Products
KDE version 4 and 5
Remediation
It is recommended for users to check any .desktop or .directory files and disable any dynamic entries.