Internet Security Systems (ISS) X-Force has discovered a vulnerability in KDE's K-Mail mail user agent software. KDE is a very popular window manager available for most Unix platforms, and provides an easy-to-use interface and a number of graphical front ends to common command-line Unix applications. K-Mail contains a vulnerability that may allow local attackers to compromise the UID of whoever is running K-Mail. The mail client creates insecure temporary directories that are used to store MIME encoded files.
005a0ae5547ee2c1fde9b7b26bf775a5e727ace2ef200113d1dfbae25d16acaa