Ubuntu Security Notice 872-1 – It was discovered that the KIO subsystem of KDE did not properly perform input validation when processing help:// URIs. If a user or KIO application processed a crafted help:// URI, an attacker could trigger JavaScript execution or access files via directory traversal.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/83743/USN-872-1.txt
Source: https://packetstormsecurity.com/files/83743/Ubuntu-Security-Notice-872-1.html