CVE-1999-1270

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Jul 11, 1998
Updated: Nov 20, 2024

Summary

CVE-1999-1270 is a vulnerability affecting KMail in KDE 1.0. This issue allows local users to obtain the PGP passphrase of other users by passing it as a command-line argument to other programs. This vulnerability poses a significant risk as the passphrase, once obtained, can be used to compromise the affected users' PGP keys. Malicious actors can take advantage of this issue by using tools that list process information, such as 'ps', to view the passphrase arguments. It is essential for users to avoid passing sensitive information, including passphrases, as command-line arguments to prevent potential unauthorized access.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • K Desktop Environment

Affected Vendors

  • KDE Community