CVE-1999-1270

Published: Jul 11, 1998Modified: Apr 16, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.

Affected (1)

Products: Kde: Kde

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kde Kde	Version 1.0

References (4)

http://lists.kde.org/?l=kde-devel&m=90221974029738&w=2

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/1639

Source: cve@mitre.org

http://lists.kde.org/?l=kde-devel&m=90221974029738&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/1639

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.