The KDE Security team has issued an advisory on a vulnerability present in all versions of KDE that allow a remote attacker to execute arbitrary commands under your account. KDE 3.0.5b and KDE 3.1.1a have been released to address this problem. For KDE 2.2.2 patches to the KDE 2.2.2 sources have been made available.
KDE uses Ghostscript software for processing of PostScript (PS)
An attacker can prepare a malicious PostScript or PDF file which will
An attacker can provide malicious files remotely to a victim in an
OS vendors and KDE package providers have been alerted and the we expect them to provide updated binary packages shortly. The following updates are already available from the KDE ftp mirrors:
Note that many also provide updates via their own online update service.