CVE-2010-1511

KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.

Date published : 2010-05-17

http://www.securityfocus.com/bid/40141

http://www.securityfocus.com/archive/1/511279/100/0/threaded