CVE-1999-1270
Published Jul 11, 1998
Last updated 7 years ago
Overview
- Description
- KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30661C23-9BE4-4F6E-AEB9-1B9D7DAA6FC9"
}
],
"operator": "OR"
}
]
}
]