{"api_version":"1","generated_at":"2026-04-22T21:14:54+00:00","cve":"CVE-2019-14744","urls":{"html":"https://cve.report/CVE-2019-14744","api":"https://cve.report/api/cve/CVE-2019-14744.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-14744","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-14744"},"summary":{"title":"CVE-2019-14744","description":"In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2019-08-07 15:15:00","updated_at":"2023-11-07 03:05:00"},"problem_types":["CWE-78"],"metrics":[],"references":[{"url":"https://seclists.org/bugtraq/2019/Aug/12","name":"20190812 [SECURITY] [DSA 4494-1] kconfig security update","refsource":"BUGTRAQ","tags":["Mailing List","Third Party Advisory"],"title":"Bugtraq: [SECURITY] [DSA 4494-1] kconfig security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:2606","name":"RHSA-2019:2606","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YIDXQ6CUB5E7Y3MJWCUY4VR42QAE6SCJ/","name":"FEDORA-2019-39d23c7a94","refsource":"","tags":[],"title":"[SECURITY] Fedora 29 Update: kde-settings-29.1-1.fc29 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00013.html","name":"openSUSE-SU-2019:1851","refsource":"SUSE","tags":["Mailing List","Patch","Third Party Advisory"],"title":"[security-announce] openSUSE-SU-2019:1851-1: important: Security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://seclists.org/bugtraq/2019/Aug/9","name":"20190808 [slackware-security] kdelibs (SSA:2019-220-01)","refsource":"BUGTRAQ","tags":["Mailing List","Third Party Advisory"],"title":"Bugtraq: [slackware-security]  kdelibs (SSA:2019-220-01)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IRIKH7ZWXELIQT6WSLV7EG3VTFWKZPD/","name":"FEDORA-2019-a746ac9c89","refsource":"","tags":[],"title":"[SECURITY] Fedora 30 Update: kdelibs-4.14.38-15.fc30 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/","name":"https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/","refsource":"MISC","tags":["Press/Media Coverage","Third Party Advisory"],"title":"Unpatched KDE vulnerability disclosed on Twitter | ZDNet","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTFBQRJAU7ITD3TOMPZAUQMYYCAZ6DTX/","name":"FEDORA-2019-48b691092f","refsource":"FEDORA","tags":["Mailing List","Release Notes","Third Party Advisory"],"title":"[SECURITY] Fedora 30 Update: kf5-kconfig-5.59.0-1.fc30.1 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://gist.githubusercontent.com/zeropwn/630832df151029cb8f22d5b6b9efaefb/raw/64aa3d30279acb207f787ce9c135eefd5e52643b/kde-kdesktopfile-command-injection.txt","name":"https://gist.githubusercontent.com/zeropwn/630832df151029cb8f22d5b6b9efaefb/raw/64aa3d30279acb207f787ce9c135eefd5e52643b/kde-kdesktopfile-command-injection.txt","refsource":"MISC","tags":["Exploit","Third Party Advisory"],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://packetstormsecurity.com/files/153981/Slackware-Security-Advisory-kdelibs-Updates.html","name":"http://packetstormsecurity.com/files/153981/Slackware-Security-Advisory-kdelibs-Updates.html","refsource":"MISC","tags":["Patch","Third Party Advisory"],"title":"Slackware Security Advisory - kdelibs Updates ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNHO6FZRYBQ2R3UCFDGS66F6DNNTKCMM/","name":"FEDORA-2019-f9f78895c3","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 30 Update: kdelibs3-3.5.10-101.fc30 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2019/dsa-4494","name":"DSA-4494","refsource":"DEBIAN","tags":["Third Party Advisory"],"title":"Debian -- Security Information -- DSA-4494-1 kconfig","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNHO6FZRYBQ2R3UCFDGS66F6DNNTKCMM/","name":"FEDORA-2019-f9f78895c3","refsource":"","tags":[],"title":"[SECURITY] Fedora 30 Update: kdelibs3-3.5.10-101.fc30 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00016.html","name":"openSUSE-SU-2019:1855","refsource":"SUSE","tags":["Mailing List","Patch","Third Party Advisory"],"title":"[security-announce] openSUSE-SU-2019:1855-1: important: Security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYKLUSSEK3YJOVQDL6K2LKGS3354UH6L/","name":"FEDORA-2019-9f2ee52c88","refsource":"","tags":[],"title":"[SECURITY] Fedora 29 Update: kdelibs3-3.5.10-101.fc29 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00034.html","name":"openSUSE-SU-2019:1898","refsource":"SUSE","tags":[],"title":"[security-announce] openSUSE-SU-2019:1898-1: important: Security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTFBQRJAU7ITD3TOMPZAUQMYYCAZ6DTX/","name":"FEDORA-2019-48b691092f","refsource":"","tags":[],"title":"[SECURITY] Fedora 30 Update: kf5-kconfig-5.59.0-1.fc30.1 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UYKLUSSEK3YJOVQDL6K2LKGS3354UH6L/","name":"FEDORA-2019-9f2ee52c88","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 29 Update: kdelibs3-3.5.10-101.fc29 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/201908-07","name":"GLSA-201908-07","refsource":"GENTOO","tags":[],"title":"KDE KConfig: User-assisted execution of arbitrary code (GLSA 201908-07) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/4100-1/","name":"USN-4100-1","refsource":"UBUNTU","tags":[],"title":"USN-4100-1: KConfig and KDE libraries vulnerabilities | Ubuntu security notices | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YIDXQ6CUB5E7Y3MJWCUY4VR42QAE6SCJ/","name":"FEDORA-2019-39d23c7a94","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 29 Update: kde-settings-29.1-1.fc29 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2019/08/msg00023.html","name":"[debian-lts-announce] 20190818 [SECURITY] [DLA 1890-1] kde4libs security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 1890-1] kde4libs security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IRIKH7ZWXELIQT6WSLV7EG3VTFWKZPD/","name":"FEDORA-2019-a746ac9c89","refsource":"FEDORA","tags":["Release Notes","Third Party Advisory"],"title":"[SECURITY] Fedora 30 Update: kdelibs-4.14.38-15.fc30 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-14744","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14744","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"19.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"29","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"30","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kde","cpe5":"kconfig","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kde","cpe5":"kconfig","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"opensuse","cpe5":"backports_sle","cpe6":"15.0","cpe7":"sp1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_desktop","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14744","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_workstation","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2019-14744","qid":"377001","title":"Alibaba Cloud Linux Security Update for kdelibs and kde-settings (ALINUX2-SA-2019:0050)"},{"cve":"CVE-2019-14744","qid":"378193","title":"Virtuozzo Linux Security Update for kdelibs-common (VZLSA-2019:2606)"},{"cve":"CVE-2019-14744","qid":"710152","title":"Gentoo Linux KDE KConfig User-assisted execution of arbitrary code Vulnerability (GLSA 201908-07)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2019-14744","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://gist.githubusercontent.com/zeropwn/630832df151029cb8f22d5b6b9efaefb/raw/64aa3d30279acb207f787ce9c135eefd5e52643b/kde-kdesktopfile-command-injection.txt","refsource":"MISC","name":"https://gist.githubusercontent.com/zeropwn/630832df151029cb8f22d5b6b9efaefb/raw/64aa3d30279acb207f787ce9c135eefd5e52643b/kde-kdesktopfile-command-injection.txt"},{"url":"https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/","refsource":"MISC","name":"https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/"},{"refsource":"BUGTRAQ","name":"20190808 [slackware-security] kdelibs (SSA:2019-220-01)","url":"https://seclists.org/bugtraq/2019/Aug/9"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/153981/Slackware-Security-Advisory-kdelibs-Updates.html","url":"http://packetstormsecurity.com/files/153981/Slackware-Security-Advisory-kdelibs-Updates.html"},{"refsource":"DEBIAN","name":"DSA-4494","url":"https://www.debian.org/security/2019/dsa-4494"},{"refsource":"BUGTRAQ","name":"20190812 [SECURITY] [DSA 4494-1] kconfig security update","url":"https://seclists.org/bugtraq/2019/Aug/12"},{"refsource":"FEDORA","name":"FEDORA-2019-48b691092f","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTFBQRJAU7ITD3TOMPZAUQMYYCAZ6DTX/"},{"refsource":"SUSE","name":"openSUSE-SU-2019:1851","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00013.html"},{"refsource":"SUSE","name":"openSUSE-SU-2019:1855","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00016.html"},{"refsource":"FEDORA","name":"FEDORA-2019-a746ac9c89","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IRIKH7ZWXELIQT6WSLV7EG3VTFWKZPD/"},{"refsource":"SUSE","name":"openSUSE-SU-2019:1898","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00034.html"},{"refsource":"GENTOO","name":"GLSA-201908-07","url":"https://security.gentoo.org/glsa/201908-07"},{"refsource":"MLIST","name":"[debian-lts-announce] 20190818 [SECURITY] [DLA 1890-1] kde4libs security update","url":"https://lists.debian.org/debian-lts-announce/2019/08/msg00023.html"},{"refsource":"FEDORA","name":"FEDORA-2019-f9f78895c3","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNHO6FZRYBQ2R3UCFDGS66F6DNNTKCMM/"},{"refsource":"FEDORA","name":"FEDORA-2019-9f2ee52c88","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UYKLUSSEK3YJOVQDL6K2LKGS3354UH6L/"},{"refsource":"UBUNTU","name":"USN-4100-1","url":"https://usn.ubuntu.com/4100-1/"},{"refsource":"FEDORA","name":"FEDORA-2019-39d23c7a94","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YIDXQ6CUB5E7Y3MJWCUY4VR42QAE6SCJ/"},{"refsource":"REDHAT","name":"RHSA-2019:2606","url":"https://access.redhat.com/errata/RHSA-2019:2606"}]}},"nvd":{"publishedDate":"2019-08-07 15:15:00","lastModifiedDate":"2023-11-07 03:05:00","problem_types":["CWE-78"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":5.1},"severity":"MEDIUM","exploitabilityScore":4.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kde:kconfig:*:*:*:*:*:*:*:*","versionEndExcluding":"5.61.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"14744","Ordinal":"153949","Title":"CVE-2019-14744","CVE":"CVE-2019-14744","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"14744","Ordinal":"1","NoteData":"In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"14744","Ordinal":"2","NoteData":"2019-08-07","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"14744","Ordinal":"3","NoteData":"2019-09-03","Type":"Other","Title":"Modified"}]}}}