On Thursday January 28 2021 08:49:50 Andre Heinecke wrote: >Ok, its a bug but I don't think this is really a security isse +++ >From what I understand the bug is that a file is executed instead of being encrypted/decrypted. This could be a security risk on a proper OS where it would allow users to execute code as a more privileged user, or execute code s/he wouldn't otherwise be able to execute. Does that happen here, IOW, what happens when the user tries to launch this c:\program.exe binary directly?
Re: [SECURITY ALERT] Kleopatra allows local users to execute arbitrary code
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: [SECURITY ALERT] Kleopatra allows local users to execute arbitrary code
- From: René J.V. Bertin <rjvbertin@xxxxxxxxx>
- Date: Mon, 01 Feb 2021 10:48:49 +0100
- In-reply-to: <20959559.n8qCVXbbpe@hopper>
- References: <CAMCxAF07ygUmWSNNBw+-vL8YtBowacdxa-j2Ey=tOOJ1Z39+bQ@mail.gmail.com> <20959559.n8qCVXbbpe@hopper>
- User-agent: KMail/4.13.3 (Linux/4.14.23-ck1-mainline-core2-rjvb; KDE/4.14.38; x86_64; ; )
- References:
- [SECURITY ALERT] Kleopatra allows local users to execute arbitrary code
- From: Hoàng Cường
- Re: [SECURITY ALERT] Kleopatra allows local users to execute arbitrary code
- From: Andre Heinecke
- [SECURITY ALERT] Kleopatra allows local users to execute arbitrary code
- Prev by Date: Re: [SECURITY ALERT] Kleopatra allows local users to execute arbitrary code
- Next by Date: Major problem updating kde and plasma
- Previous by thread: Re: [SECURITY ALERT] Kleopatra allows local users to execute arbitrary code
- Next by thread: Major problem updating kde and plasma
- Index(es):
 |