KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.
Max CVSS
6.4
EPSS Score
0.83%
Published
2010-05-17
Updated
2018-10-10
1 vulnerabilities found