Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1270

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-1999-1270
Last Modified 05 Sep 2008 04:19:07
Published 11 Jul 1998 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1270

Summary

KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.

Vulnerable Systems

Operating System

  • Kde 1.0


References

XF - kde-kmail-passphrase-leak(1639)

MISC - http://lists.kde.org/?l=kde-devel&m=90221974029738&w=2


Last Updated: 27 May 2016 10:35:21