CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-14744

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 76.8%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 5.1

References

Products affected by CVE-2019-14744

Kde » Kconfig » Version: N/A

cpe:2.3:a:kde:kconfig:-
Kde » Kconfig » Version: 4.100.0

cpe:2.3:a:kde:kconfig:4.100.0
Kde » Kconfig » Version: 4.95.0

cpe:2.3:a:kde:kconfig:4.95.0
Kde » Kconfig » Version: 4.96.0

cpe:2.3:a:kde:kconfig:4.96.0
Kde » Kconfig » Version: 4.97.0

cpe:2.3:a:kde:kconfig:4.97.0
Kde » Kconfig » Version: 4.98.0

cpe:2.3:a:kde:kconfig:4.98.0
Kde » Kconfig » Version: 4.99.0

cpe:2.3:a:kde:kconfig:4.99.0
Kde » Kconfig » Version: 5.0.0

cpe:2.3:a:kde:kconfig:5.0.0
Kde » Kconfig » Version: 5.1.0

cpe:2.3:a:kde:kconfig:5.1.0
Kde » Kconfig » Version: 5.10.0

cpe:2.3:a:kde:kconfig:5.10.0
Kde » Kconfig » Version: 5.11.0

cpe:2.3:a:kde:kconfig:5.11.0
Kde » Kconfig » Version: 5.12.0

cpe:2.3:a:kde:kconfig:5.12.0
Kde » Kconfig » Version: 5.13.0

cpe:2.3:a:kde:kconfig:5.13.0
Kde » Kconfig » Version: 5.14.0

cpe:2.3:a:kde:kconfig:5.14.0
Kde » Kconfig » Version: 5.15.0

cpe:2.3:a:kde:kconfig:5.15.0
Kde » Kconfig » Version: 5.16.0

cpe:2.3:a:kde:kconfig:5.16.0
Kde » Kconfig » Version: 5.17.0

cpe:2.3:a:kde:kconfig:5.17.0
Kde » Kconfig » Version: 5.18.0

cpe:2.3:a:kde:kconfig:5.18.0
Kde » Kconfig » Version: 5.19.0

cpe:2.3:a:kde:kconfig:5.19.0
Kde » Kconfig » Version: 5.2.0

cpe:2.3:a:kde:kconfig:5.2.0
Kde » Kconfig » Version: 5.20.0

cpe:2.3:a:kde:kconfig:5.20.0
Kde » Kconfig » Version: 5.21.0

cpe:2.3:a:kde:kconfig:5.21.0
Kde » Kconfig » Version: 5.22.0

cpe:2.3:a:kde:kconfig:5.22.0
Kde » Kconfig » Version: 5.23.0

cpe:2.3:a:kde:kconfig:5.23.0
Kde » Kconfig » Version: 5.24.0

cpe:2.3:a:kde:kconfig:5.24.0
Kde » Kconfig » Version: 5.25.0

cpe:2.3:a:kde:kconfig:5.25.0
Kde » Kconfig » Version: 5.26.0

cpe:2.3:a:kde:kconfig:5.26.0
Kde » Kconfig » Version: 5.27.0

cpe:2.3:a:kde:kconfig:5.27.0
Kde » Kconfig » Version: 5.28.0

cpe:2.3:a:kde:kconfig:5.28.0
Kde » Kconfig » Version: 5.29.0

cpe:2.3:a:kde:kconfig:5.29.0
Kde » Kconfig » Version: 5.3.0

cpe:2.3:a:kde:kconfig:5.3.0
Kde » Kconfig » Version: 5.30.0

cpe:2.3:a:kde:kconfig:5.30.0
Kde » Kconfig » Version: 5.31.0

cpe:2.3:a:kde:kconfig:5.31.0
Kde » Kconfig » Version: 5.32.0

cpe:2.3:a:kde:kconfig:5.32.0
Kde » Kconfig » Version: 5.33.0

cpe:2.3:a:kde:kconfig:5.33.0
Kde » Kconfig » Version: 5.34.0

cpe:2.3:a:kde:kconfig:5.34.0
Kde » Kconfig » Version: 5.35.0

cpe:2.3:a:kde:kconfig:5.35.0
Kde » Kconfig » Version: 5.36.0

cpe:2.3:a:kde:kconfig:5.36.0
Kde » Kconfig » Version: 5.37.0

cpe:2.3:a:kde:kconfig:5.37.0
Kde » Kconfig » Version: 5.38.0

cpe:2.3:a:kde:kconfig:5.38.0
Kde » Kconfig » Version: 5.39.0

cpe:2.3:a:kde:kconfig:5.39.0
Kde » Kconfig » Version: 5.4.0

cpe:2.3:a:kde:kconfig:5.4.0
Kde » Kconfig » Version: 5.40.0

cpe:2.3:a:kde:kconfig:5.40.0
Kde » Kconfig » Version: 5.41.0

cpe:2.3:a:kde:kconfig:5.41.0
Kde » Kconfig » Version: 5.42.0

cpe:2.3:a:kde:kconfig:5.42.0
Kde » Kconfig » Version: 5.43.0

cpe:2.3:a:kde:kconfig:5.43.0
Kde » Kconfig » Version: 5.44.0

cpe:2.3:a:kde:kconfig:5.44.0
Kde » Kconfig » Version: 5.45.0

cpe:2.3:a:kde:kconfig:5.45.0
Kde » Kconfig » Version: 5.46.0

cpe:2.3:a:kde:kconfig:5.46.0
Kde » Kconfig » Version: 5.47.0

cpe:2.3:a:kde:kconfig:5.47.0
Kde » Kconfig » Version: 5.48.0

cpe:2.3:a:kde:kconfig:5.48.0
Kde » Kconfig » Version: 5.49.0

cpe:2.3:a:kde:kconfig:5.49.0
Kde » Kconfig » Version: 5.5.0

cpe:2.3:a:kde:kconfig:5.5.0
Kde » Kconfig » Version: 5.50.0

cpe:2.3:a:kde:kconfig:5.50.0
Kde » Kconfig » Version: 5.51.0

cpe:2.3:a:kde:kconfig:5.51.0
Kde » Kconfig » Version: 5.52.0

cpe:2.3:a:kde:kconfig:5.52.0
Kde » Kconfig » Version: 5.53.0

cpe:2.3:a:kde:kconfig:5.53.0
Kde » Kconfig » Version: 5.54.0

cpe:2.3:a:kde:kconfig:5.54.0
Kde » Kconfig » Version: 5.55.0

cpe:2.3:a:kde:kconfig:5.55.0
Kde » Kconfig » Version: 5.56.0

cpe:2.3:a:kde:kconfig:5.56.0
Kde » Kconfig » Version: 5.57.0

cpe:2.3:a:kde:kconfig:5.57.0
Kde » Kconfig » Version: 5.58.0

cpe:2.3:a:kde:kconfig:5.58.0
Kde » Kconfig » Version: 5.59.0

cpe:2.3:a:kde:kconfig:5.59.0
Kde » Kconfig » Version: 5.6.0

cpe:2.3:a:kde:kconfig:5.6.0
Kde » Kconfig » Version: 5.60.0

cpe:2.3:a:kde:kconfig:5.60.0
Kde » Kconfig » Version: 5.7.0

cpe:2.3:a:kde:kconfig:5.7.0
Kde » Kconfig » Version: 5.8.0

cpe:2.3:a:kde:kconfig:5.8.0
Kde » Kconfig » Version: 5.9.0

cpe:2.3:a:kde:kconfig:5.9.0
Opensuse » Backports Sle » Version: 15.0

cpe:2.3:a:opensuse:backports_sle:15.0
Canonical » Ubuntu Linux » Version: 16.04

cpe:2.3:o:canonical:ubuntu_linux:16.04
Canonical » Ubuntu Linux » Version: 18.04

cpe:2.3:o:canonical:ubuntu_linux:18.04
Canonical » Ubuntu Linux » Version: 19.04

cpe:2.3:o:canonical:ubuntu_linux:19.04
Debian » Debian Linux » Version: 10.0

cpe:2.3:o:debian:debian_linux:10.0
Debian » Debian Linux » Version: 9.0

cpe:2.3:o:debian:debian_linux:9.0
Fedoraproject » Fedora » Version: 29

cpe:2.3:o:fedoraproject:fedora:29
Fedoraproject » Fedora » Version: 30

cpe:2.3:o:fedoraproject:fedora:30
Redhat » Enterprise Linux Desktop » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
Redhat » Enterprise Linux Server » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_server:7.0
Redhat » Enterprise Linux Workstation » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-14744

Products

Pricing

Contact Us