Opera Default 'kfmclient exec' Configuration May Let Remote Users Execute Arbitrary Commands
Category: Vulnerability Posted: 2004-12-15 by ReCall
Details
Description: A vulnerability was reported in Opera when using KDE. A remote user may be able to cause the target user to execute arbitrary commands.
Giovanni Delvecchio of Zone-h reported that KDE uses 'kfmclient exec' as the default application for processing saved files. A remote user can cause arbitrary shell commands to be executed on the target system.
For example, a remote server can supply 'image.Jpg' with an unknown Content-Type field, causing Opera to display a dialog box for the file. If the target user selects 'Open' to view the supposed image file, the file will be opened using 'kfmclient exec'. If 'image.Jpg' is a KDE desktop entry, then the target user's system will execute the command in the 'Exec' entry.
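The following is an added example, not part of the original advisory and not Opera or KDE code: a content check that a download handler could run before passing a saved file to an opener such as 'kfmclient exec'. It flags files that parse as a desktop entry with an 'Exec' key, including ones named like an image. The function names, verdict strings, extension list and sample bytes are assumptions constructed for illustration.

```python
import os

# Group headers that mark a desktop entry; the second is the legacy KDE form.
ENTRY_GROUPS = {"[Desktop Entry]", "[KDE Desktop Entry]"}
# Extensions a user would expect to be inert images (assumed list for this example).
IMAGE_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif", ".bmp"}
# Constructed sample inputs: a desktop entry with a harmless Exec, and a JPEG header.
SAMPLE_ENTRY = b"# saved as image.Jpg\n[Desktop Entry]\nType=Application\nExec = /bin/true\n"
SAMPLE_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01"


def desktop_entry_exec(data: bytes):
    """Return the Exec value if data parses as a desktop entry, else None."""
    try:
        text = data.decode("utf-8-sig")  # tolerate a leading byte-order mark
    except UnicodeDecodeError:
        return None  # binary content, e.g. a real image
    in_entry = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no keys
        if line.startswith("["):
            in_entry = line in ENTRY_GROUPS  # only the main group is inspected
            continue
        key, sep, value = line.partition("=")
        if in_entry and sep and key.strip() == "Exec":
            return value.strip()
    return None


def classify_download(filename: str, data: bytes) -> str:
    """Decide from content, not from the name or Content-Type, whether to open."""
    if desktop_entry_exec(data) is None:
        return "ok"
    ext = os.path.splitext(filename)[1].lower()  # 'image.Jpg' -> '.jpg'
    if ext in IMAGE_EXTENSIONS:
        return "block: desktop entry disguised as image"
    return "block: desktop entry with Exec"


if __name__ == "__main__":
    for name, data in [("image.Jpg", SAMPLE_ENTRY), ("photo.jpg", SAMPLE_JPEG)]:
        print(name, "->", classify_download(name, data))
```
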