Vulnerabilites related to kde - kde
CVE-2003-0692 (GCVE-0-2003-0692)
Vulnerability from cvelistv5
Published
2003-09-18 04:00
Modified
2024-08-08 02:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2003:747",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"name": "20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106374551513499\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:215",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A215"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html"
},
{
"name": "RHSA-2003:270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-270.html"
},
{
"name": "DSA-388",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-388"
},
{
"name": "MDKSA-2003:091",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:091"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20030916-1.txt"
},
{
"name": "RHSA-2003:288",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2003:747",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"name": "20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106374551513499\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:215",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A215"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html"
},
{
"name": "RHSA-2003:270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-270.html"
},
{
"name": "DSA-388",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-388"
},
{
"name": "MDKSA-2003:091",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:091"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20030916-1.txt"
},
{
"name": "RHSA-2003:288",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0692",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2003:747",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"name": "20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106374551513499\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:215",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A215"
},
{
"name": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html",
"refsource": "MISC",
"url": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html"
},
{
"name": "RHSA-2003:270",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-270.html"
},
{
"name": "DSA-388",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-388"
},
{
"name": "MDKSA-2003:091",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:091"
},
{
"name": "http://www.kde.org/info/security/advisory-20030916-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20030916-1.txt"
},
{
"name": "RHSA-2003:288",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0692",
"datePublished": "2003-09-18T04:00:00",
"dateReserved": "2003-08-14T00:00:00",
"dateUpdated": "2024-08-08T02:05:12.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1096 (GCVE-0-1999-1096)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19980516 kde exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925954\u0026w=2"
},
{
"name": "19980517 simple kde exploit fix",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925959\u0026w=2"
},
{
"name": "kde-klock-home-bo(1644)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1644"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19980516 kde exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925954\u0026w=2"
},
{
"name": "19980517 simple kde exploit fix",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925959\u0026w=2"
},
{
"name": "kde-klock-home-bo(1644)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1644"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980516 kde exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925954\u0026w=2"
},
{
"name": "19980517 simple kde exploit fix",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925959\u0026w=2"
},
{
"name": "kde-klock-home-bo(1644)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1644"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1096",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4512 (GCVE-0-2012-4512)
Vulnerability from cvelistv5
Published
2020-02-08 18:09
Modified
2024-08-06 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Other
Summary
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=a872c8a969a8bd3706253d6ba24088e4f07f3352"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1416.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1418.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027709"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/advisories/51097"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/advisories/51145"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Konqueror",
"vendor": "KDE",
"versions": [
{
"status": "affected",
"version": "4.7.3"
}
]
}
],
"datePublic": "2012-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to \"type confusion.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-08T18:09:56",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=a872c8a969a8bd3706253d6ba24088e4f07f3352"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1416.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1418.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id?1027709"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/advisories/51097"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/advisories/51145"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4512",
"datePublished": "2020-02-08T18:09:56",
"dateReserved": "2012-08-21T00:00:00",
"dateUpdated": "2024-08-06T20:35:09.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1267 (GCVE-0-1999-1267)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:01.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19970505 Hole in the KDE desktop",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87602167420906\u0026w=2"
},
{
"name": "kde-flawed-ipc(1646)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1646"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1997-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19970505 Hole in the KDE desktop",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87602167420906\u0026w=2"
},
{
"name": "kde-flawed-ipc(1646)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1646"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19970505 Hole in the KDE desktop",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167420906\u0026w=2"
},
{
"name": "kde-flawed-ipc(1646)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1646"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1267",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:01.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1270 (GCVE-0-1999-1270)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:01.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kde-kmail-passphrase-leak(1639)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1639"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.kde.org/?l=kde-devel\u0026m=90221974029738\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kde-kmail-passphrase-leak(1639)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1639"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.kde.org/?l=kde-devel\u0026m=90221974029738\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kde-kmail-passphrase-leak(1639)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1639"
},
{
"name": "http://lists.kde.org/?l=kde-devel\u0026m=90221974029738\u0026w=2",
"refsource": "MISC",
"url": "http://lists.kde.org/?l=kde-devel\u0026m=90221974029738\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1270",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:01.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0019 (GCVE-0-2006-0019)
Vulnerability from cvelistv5
Published
2006-01-20 21:00
Modified
2024-08-07 16:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11858",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11858"
},
{
"name": "18500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18500"
},
{
"name": "18552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18552"
},
{
"name": "kde-kjs-bo(24242)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24242"
},
{
"name": "364",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/364"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff"
},
{
"name": "SUSE-SA:2006:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422489/100/0/threaded"
},
{
"name": "20060119 [KDE Security Advisory] kjs encodeuri/decodeuri heap overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422464/100/0/threaded"
},
{
"name": "FLSA:178606",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"name": "MDKSA-2006:019",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:019"
},
{
"name": "RHSA-2006:0184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0184.html"
},
{
"name": "18559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18559"
},
{
"name": "1015512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015512"
},
{
"name": "ADV-2006-0265",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0265"
},
{
"name": "18583",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18583"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20060119-1.txt"
},
{
"name": "USN-245-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-245-1"
},
{
"name": "18570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18570"
},
{
"name": "SSA:2006-045-05",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.361107"
},
{
"name": "DSA-948",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-948"
},
{
"name": "22659",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22659"
},
{
"name": "18540",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18540"
},
{
"name": "16325",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16325"
},
{
"name": "GLSA-200601-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml"
},
{
"name": "18899",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18899"
},
{
"name": "18561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18561"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11858",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11858"
},
{
"name": "18500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18500"
},
{
"name": "18552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18552"
},
{
"name": "kde-kjs-bo(24242)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24242"
},
{
"name": "364",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/364"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff"
},
{
"name": "SUSE-SA:2006:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.securityfocus.com/archive/1/422489/100/0/threaded"
},
{
"name": "20060119 [KDE Security Advisory] kjs encodeuri/decodeuri heap overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/422464/100/0/threaded"
},
{
"name": "FLSA:178606",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"name": "MDKSA-2006:019",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:019"
},
{
"name": "RHSA-2006:0184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0184.html"
},
{
"name": "18559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18559"
},
{
"name": "1015512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015512"
},
{
"name": "ADV-2006-0265",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0265"
},
{
"name": "18583",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18583"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20060119-1.txt"
},
{
"name": "USN-245-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-245-1"
},
{
"name": "18570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18570"
},
{
"name": "SSA:2006-045-05",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.361107"
},
{
"name": "DSA-948",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-948"
},
{
"name": "22659",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22659"
},
{
"name": "18540",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18540"
},
{
"name": "16325",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16325"
},
{
"name": "GLSA-200601-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml"
},
{
"name": "18899",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18899"
},
{
"name": "18561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18561"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-0019",
"datePublished": "2006-01-20T21:00:00",
"dateReserved": "2005-12-20T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1151 (GCVE-0-2002-1151)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20020908-2.txt"
},
{
"name": "ie-sameoriginpolicy-bypass(10039)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10039.php"
},
{
"name": "MDKSA-2002:064",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-064.php"
},
{
"name": "DSA-167",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-167"
},
{
"name": "RHSA-2002:221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-221.html"
},
{
"name": "CLA-2002:525",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000525"
},
{
"name": "5689",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5689"
},
{
"name": "7867",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7867"
},
{
"name": "CSSA-2002-047.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt"
},
{
"name": "20020910 KDE Security Advisory: Konqueror Cross Site Scripting Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103175850925395\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20020908-2.txt"
},
{
"name": "ie-sameoriginpolicy-bypass(10039)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10039.php"
},
{
"name": "MDKSA-2002:064",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-064.php"
},
{
"name": "DSA-167",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-167"
},
{
"name": "RHSA-2002:221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-221.html"
},
{
"name": "CLA-2002:525",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000525"
},
{
"name": "5689",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5689"
},
{
"name": "7867",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7867"
},
{
"name": "CSSA-2002-047.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt"
},
{
"name": "20020910 KDE Security Advisory: Konqueror Cross Site Scripting Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103175850925395\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1151",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2002:220",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "http://www.kde.org/info/security/advisory-20020908-2.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20020908-2.txt"
},
{
"name": "ie-sameoriginpolicy-bypass(10039)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10039.php"
},
{
"name": "MDKSA-2002:064",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-064.php"
},
{
"name": "DSA-167",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-167"
},
{
"name": "RHSA-2002:221",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-221.html"
},
{
"name": "CLA-2002:525",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000525"
},
{
"name": "5689",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5689"
},
{
"name": "7867",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7867"
},
{
"name": "CSSA-2002-047.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt"
},
{
"name": "20020910 KDE Security Advisory: Konqueror Cross Site Scripting Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103175850925395\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1151",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-09-24T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1125 (GCVE-0-2004-1125)
Vulnerability from cvelistv5
Published
2004-12-22 05:00
Modified
2024-08-08 00:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:013",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "17277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17277"
},
{
"name": "RHSA-2005:066",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"name": "RHSA-2005:034",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"name": "RHSA-2005:018",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-018.html"
},
{
"name": "FLSA:2352",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
},
{
"name": "FLSA:2353",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"name": "1012646",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012646"
},
{
"name": "12070",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12070"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20041223-1.txt"
},
{
"name": "xpdf-gfx-doimage-bo(18641)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641"
},
{
"name": "GLSA-200501-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml"
},
{
"name": "RHSA-2005:026",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200501-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml"
},
{
"name": "20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2"
},
{
"name": "GLSA-200412-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"name": "20041223 [USN-48-1] xpdf, tetex-bin vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "20041221 Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities"
},
{
"name": "oval:org.mitre.oval:def:10830",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830"
},
{
"name": "SCOSA-2005.42",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch"
},
{
"name": "CLA-2005:921",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
},
{
"name": "RHSA-2005:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:013",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "17277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17277"
},
{
"name": "RHSA-2005:066",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"name": "RHSA-2005:034",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"name": "RHSA-2005:018",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-018.html"
},
{
"name": "FLSA:2352",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
},
{
"name": "FLSA:2353",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"name": "1012646",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012646"
},
{
"name": "12070",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12070"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20041223-1.txt"
},
{
"name": "xpdf-gfx-doimage-bo(18641)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641"
},
{
"name": "GLSA-200501-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml"
},
{
"name": "RHSA-2005:026",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200501-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml"
},
{
"name": "20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2"
},
{
"name": "GLSA-200412-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"name": "20041223 [USN-48-1] xpdf, tetex-bin vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "20041221 Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities"
},
{
"name": "oval:org.mitre.oval:def:10830",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830"
},
{
"name": "SCOSA-2005.42",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch"
},
{
"name": "CLA-2005:921",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
},
{
"name": "RHSA-2005:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:013",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "17277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17277"
},
{
"name": "RHSA-2005:066",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"name": "RHSA-2005:034",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"name": "RHSA-2005:018",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-018.html"
},
{
"name": "FLSA:2352",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
},
{
"name": "FLSA:2353",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"name": "1012646",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012646"
},
{
"name": "12070",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12070"
},
{
"name": "http://www.kde.org/info/security/advisory-20041223-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20041223-1.txt"
},
{
"name": "xpdf-gfx-doimage-bo(18641)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641"
},
{
"name": "GLSA-200501-17",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml"
},
{
"name": "RHSA-2005:026",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
},
{
"name": "RHSA-2005:053",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200501-13",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml"
},
{
"name": "20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2"
},
{
"name": "GLSA-200412-25",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"name": "20041223 [USN-48-1] xpdf, tetex-bin vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html"
},
{
"name": "SUSE-SR:2005:001",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "RHSA-2005:354",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "20041221 Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities"
},
{
"name": "oval:org.mitre.oval:def:10830",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830"
},
{
"name": "SCOSA-2005.42",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
},
{
"name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch",
"refsource": "CONFIRM",
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch"
},
{
"name": "CLA-2005:921",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
},
{
"name": "RHSA-2005:057",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1125",
"datePublished": "2004-12-22T05:00:00",
"dateReserved": "2004-12-02T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0237 (GCVE-0-2005-0237)
Vulnerability from cvelistv5
Published
2005-02-07 05:00
Modified
2024-08-07 21:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shmoo.com/idn/homograph.txt"
},
{
"name": "multiple-browsers-idn-spoof(19236)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236"
},
{
"name": "20050206 state of homograph attacks",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050316-2.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shmoo.com/idn"
},
{
"name": "20050206 Re: state of homograph attacks",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031460.html"
},
{
"name": "FLSA:178606",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"name": "MDKSA-2005:058",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
},
{
"name": "14162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14162"
},
{
"name": "RHSA-2005:325",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-325.html"
},
{
"name": "oval:org.mitre.oval:def:10671",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10671"
},
{
"name": "12461",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12461"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shmoo.com/idn/homograph.txt"
},
{
"name": "multiple-browsers-idn-spoof(19236)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236"
},
{
"name": "20050206 state of homograph attacks",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050316-2.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shmoo.com/idn"
},
{
"name": "20050206 Re: state of homograph attacks",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031460.html"
},
{
"name": "FLSA:178606",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"name": "MDKSA-2005:058",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
},
{
"name": "14162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14162"
},
{
"name": "RHSA-2005:325",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-325.html"
},
{
"name": "oval:org.mitre.oval:def:10671",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10671"
},
{
"name": "12461",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12461"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0237",
"datePublished": "2005-02-07T05:00:00",
"dateReserved": "2005-02-07T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1670 (GCVE-0-2008-1670)
Vulnerability from cvelistv5
Published
2008-04-28 17:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-1371",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1371/references"
},
{
"name": "SUSE-SR:2008:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
},
{
"name": "28937",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28937"
},
{
"name": "kde-khtml-png-bo(42038)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42038"
},
{
"name": "1019929",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019929"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20080426-1.txt"
},
{
"name": "29980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29980"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "ADV-2008-1371",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1371/references"
},
{
"name": "SUSE-SR:2008:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
},
{
"name": "28937",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28937"
},
{
"name": "kde-khtml-png-bo(42038)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42038"
},
{
"name": "1019929",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019929"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20080426-1.txt"
},
{
"name": "29980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29980"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-1670",
"datePublished": "2008-04-28T17:00:00",
"dateReserved": "2008-04-03T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0371 (GCVE-0-2000-0371)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1269",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1269"
},
{
"name": "CSSA-1999-005.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-005.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-03-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1269",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1269"
},
{
"name": "CSSA-1999-005.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-005.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1269",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1269"
},
{
"name": "CSSA-1999-005.0",
"refsource": "CALDERA",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-005.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0371",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-05-23T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0746 (GCVE-0-2004-0746)
Vulnerability from cvelistv5
Published
2004-09-14 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:46.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "12341",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12341"
},
{
"name": "kde-konqueror-cookie-set(17063)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17063"
},
{
"name": "CLA-2004:864",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"name": "MDKSA-2004:086",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:086"
},
{
"name": "10991",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20040823-1.txt"
},
{
"name": "oval:org.mitre.oval:def:11281",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11281"
},
{
"name": "20040823 KDE Security Advisory: Konqueror Cross-Domain Cookie Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109327681304401\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user\u0027s HTTP session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "12341",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12341"
},
{
"name": "kde-konqueror-cookie-set(17063)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17063"
},
{
"name": "CLA-2004:864",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"name": "MDKSA-2004:086",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:086"
},
{
"name": "10991",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20040823-1.txt"
},
{
"name": "oval:org.mitre.oval:def:11281",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11281"
},
{
"name": "20040823 KDE Security Advisory: Konqueror Cross-Domain Cookie Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109327681304401\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user\u0027s HTTP session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "12341",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12341"
},
{
"name": "kde-konqueror-cookie-set(17063)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17063"
},
{
"name": "CLA-2004:864",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"name": "MDKSA-2004:086",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:086"
},
{
"name": "10991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10991"
},
{
"name": "http://www.kde.org/info/security/advisory-20040823-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20040823-1.txt"
},
{
"name": "oval:org.mitre.oval:def:11281",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11281"
},
{
"name": "20040823 KDE Security Advisory: Konqueror Cross-Domain Cookie Injection",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109327681304401\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0746",
"datePublished": "2004-09-14T04:00:00",
"dateReserved": "2004-07-26T00:00:00",
"dateUpdated": "2024-08-08T00:31:46.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0889 (GCVE-0-2004-0889)
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "MDKSA-2004:113",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "GLSA-200410-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "xpdf-pdf-file-bo(17819)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
},
{
"name": "SUSE-SA:2004:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "MDKSA-2004:113",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "GLSA-200410-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "xpdf-pdf-file-bo(17819)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
},
{
"name": "SUSE-SA:2004:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11501",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "MDKSA-2004:113",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "GLSA-200410-30",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "xpdf-pdf-file-bo(17819)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
},
{
"name": "SUSE-SA:2004:039",
"refsource": "SUSE",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0889",
"datePublished": "2004-10-26T04:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1282 (GCVE-0-2002-1282)
Vulnerability from cvelistv5
Published
2002-11-14 05:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2003-012.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt"
},
{
"name": "20021114 GLSA: kdelibs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "8298",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8298"
},
{
"name": "kde-telnet-command-execution(10603)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10603.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20021111-1.txt"
},
{
"name": "MDKSA-2002:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php"
},
{
"name": "20021112 KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712550205730\u0026w=2"
},
{
"name": "DSA-204",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-204"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "6182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2003-012.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt"
},
{
"name": "20021114 GLSA: kdelibs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "8298",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8298"
},
{
"name": "kde-telnet-command-execution(10603)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10603.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20021111-1.txt"
},
{
"name": "MDKSA-2002:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php"
},
{
"name": "20021112 KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712550205730\u0026w=2"
},
{
"name": "DSA-204",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-204"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "6182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2003-012.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt"
},
{
"name": "20021114 GLSA: kdelibs",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "8298",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8298"
},
{
"name": "kde-telnet-command-execution(10603)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10603.php"
},
{
"name": "http://www.kde.org/info/security/advisory-20021111-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20021111-1.txt"
},
{
"name": "MDKSA-2002:079",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php"
},
{
"name": "20021112 KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103712550205730\u0026w=2"
},
{
"name": "DSA-204",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-204"
},
{
"name": "RHSA-2002:220",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "6182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1282",
"datePublished": "2002-11-14T05:00:00",
"dateReserved": "2002-11-12T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0970 (GCVE-0-2002-0970)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ssl-ca-certificate-spoofing(9776)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9776"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "5410",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5410"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20020818-1.txt"
},
{
"name": "20020812 Re: IE SSL Vulnerability (Konqueror affected too)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102918241005893\u0026w=2"
},
{
"name": "CLA-2002:519",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000519"
},
{
"name": "RHSA-2002:221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-221.html"
},
{
"name": "20020818 KDE Security Advisory: Konqueror SSL vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-08/0170.html"
},
{
"name": "DSA-155",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-155"
},
{
"name": "MDKSA-2002:058",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:058"
},
{
"name": "CSSA-2002-047.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ssl-ca-certificate-spoofing(9776)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9776"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "5410",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5410"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20020818-1.txt"
},
{
"name": "20020812 Re: IE SSL Vulnerability (Konqueror affected too)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102918241005893\u0026w=2"
},
{
"name": "CLA-2002:519",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000519"
},
{
"name": "RHSA-2002:221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-221.html"
},
{
"name": "20020818 KDE Security Advisory: Konqueror SSL vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-08/0170.html"
},
{
"name": "DSA-155",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-155"
},
{
"name": "MDKSA-2002:058",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:058"
},
{
"name": "CSSA-2002-047.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ssl-ca-certificate-spoofing(9776)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9776"
},
{
"name": "RHSA-2002:220",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "5410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5410"
},
{
"name": "http://www.kde.org/info/security/advisory-20020818-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20020818-1.txt"
},
{
"name": "20020812 Re: IE SSL Vulnerability (Konqueror affected too)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102918241005893\u0026w=2"
},
{
"name": "CLA-2002:519",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000519"
},
{
"name": "RHSA-2002:221",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-221.html"
},
{
"name": "20020818 KDE Security Advisory: Konqueror SSL vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-08/0170.html"
},
{
"name": "DSA-155",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-155"
},
{
"name": "MDKSA-2002:058",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:058"
},
{
"name": "CSSA-2002-047.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0970",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-08-21T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1224 (GCVE-0-2002-1224)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20021008-2.txt"
},
{
"name": "20021009 KDE Security Advisory: kpf Directory traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0164.html"
},
{
"name": "5951",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5951"
},
{
"name": "20021011 Security hole in kpf - KDE personal fileserver.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/294991"
},
{
"name": "kpf-icon-view-files(10347)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10347.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-12-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20021008-2.txt"
},
{
"name": "20021009 KDE Security Advisory: kpf Directory traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0164.html"
},
{
"name": "5951",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5951"
},
{
"name": "20021011 Security hole in kpf - KDE personal fileserver.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/294991"
},
{
"name": "kpf-icon-view-files(10347)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10347.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1224",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2002:220",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "http://www.kde.org/info/security/advisory-20021008-2.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20021008-2.txt"
},
{
"name": "20021009 KDE Security Advisory: kpf Directory traversal",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0164.html"
},
{
"name": "5951",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5951"
},
{
"name": "20021011 Security hole in kpf - KDE personal fileserver.",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/294991"
},
{
"name": "kpf-icon-view-files(10347)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10347.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1224",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1247 (GCVE-0-2002-1247)
Vulnerability from cvelistv5
Published
2002-11-14 05:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:27.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2002:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:080"
},
{
"name": "DSA-193",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-193"
},
{
"name": "20021114 GLSA: kdelibs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "20021112 KDE Security Advisory: resLISa / LISa Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
},
{
"name": "20021111 iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103704823501757\u0026w=2"
},
{
"name": "N-020",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "kde-kdenetwork-reslisa-bo(10592)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10592.php"
},
{
"name": "20021111 iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/advisory/11.11.02.txt"
},
{
"name": "6157",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6157"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2002:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:080"
},
{
"name": "DSA-193",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-193"
},
{
"name": "20021114 GLSA: kdelibs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "20021112 KDE Security Advisory: resLISa / LISa Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
},
{
"name": "20021111 iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103704823501757\u0026w=2"
},
{
"name": "N-020",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "kde-kdenetwork-reslisa-bo(10592)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10592.php"
},
{
"name": "20021111 iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/advisory/11.11.02.txt"
},
{
"name": "6157",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6157"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2002:080",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:080"
},
{
"name": "DSA-193",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-193"
},
{
"name": "20021114 GLSA: kdelibs",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "20021112 KDE Security Advisory: resLISa / LISa Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
},
{
"name": "20021111 iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103704823501757\u0026w=2"
},
{
"name": "N-020",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
},
{
"name": "RHSA-2002:220",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "kde-kdenetwork-reslisa-bo(10592)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10592.php"
},
{
"name": "20021111 iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html"
},
{
"name": "http://www.idefense.com/advisory/11.11.02.txt",
"refsource": "MISC",
"url": "http://www.idefense.com/advisory/11.11.02.txt"
},
{
"name": "6157",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6157"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1247",
"datePublished": "2002-11-14T05:00:00",
"dateReserved": "2002-11-01T00:00:00",
"dateUpdated": "2024-08-08T03:19:27.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0460 (GCVE-0-2000-0460)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:29.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1274"
},
{
"name": "20000526 KDE: /usr/bin/kdesud, gid = 0 exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0353.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1274"
},
{
"name": "20000526 KDE: /usr/bin/kdesud, gid = 0 exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0353.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0460",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1274"
},
{
"name": "20000526 KDE: /usr/bin/kdesud, gid = 0 exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0353.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0460",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:21:29.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1268 (GCVE-0-1999-1268)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:01.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kde-konsole-hijack(1645)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1645"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.kde.org/?l=kde-devel\u0026m=91560433413263\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kde-konsole-hijack(1645)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1645"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.kde.org/?l=kde-devel\u0026m=91560433413263\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kde-konsole-hijack(1645)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1645"
},
{
"name": "http://lists.kde.org/?l=kde-devel\u0026m=91560433413263\u0026w=2",
"refsource": "MISC",
"url": "http://lists.kde.org/?l=kde-devel\u0026m=91560433413263\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1268",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:01.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1491 (GCVE-0-2004-1491)
Vulnerability from cvelistv5
Published
2005-02-17 05:00
Modified
2024-08-08 00:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:24.096Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SR:2005:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html"
},
{
"name": "11901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11901"
},
{
"name": "pera-kfmclient-command-execution(18457)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18457"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zone-h.org/advisories/read/id=6503"
},
{
"name": "GLSA-200502-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml"
},
{
"name": "13447",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13447/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.opera.com/linux/changelogs/754u2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SR:2005:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html"
},
{
"name": "11901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11901"
},
{
"name": "pera-kfmclient-command-execution(18457)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18457"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zone-h.org/advisories/read/id=6503"
},
{
"name": "GLSA-200502-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml"
},
{
"name": "13447",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13447/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.opera.com/linux/changelogs/754u2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SR:2005:008",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html"
},
{
"name": "11901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11901"
},
{
"name": "pera-kfmclient-command-execution(18457)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18457"
},
{
"name": "http://www.zone-h.org/advisories/read/id=6503",
"refsource": "MISC",
"url": "http://www.zone-h.org/advisories/read/id=6503"
},
{
"name": "GLSA-200502-17",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml"
},
{
"name": "13447",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13447/"
},
{
"name": "http://www.opera.com/linux/changelogs/754u2/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/linux/changelogs/754u2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1491",
"datePublished": "2005-02-17T05:00:00",
"dateReserved": "2005-02-17T00:00:00",
"dateUpdated": "2024-08-08T00:53:24.096Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4569 (GCVE-0-2007-4569)
Vulnerability from cvelistv5
Published
2007-09-21 18:00
Modified
2024-08-07 15:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27271"
},
{
"name": "GLSA-200710-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-15.xml"
},
{
"name": "26904",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26904"
},
{
"name": "26894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26894"
},
{
"name": "FEDORA-2007-2361",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html"
},
{
"name": "DSA-1376",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1376"
},
{
"name": "FEDORA-2007-716",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html"
},
{
"name": "RHSA-2007:0905",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0905.html"
},
{
"name": "27180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27180"
},
{
"name": "26915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26915"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20070919-1.txt"
},
{
"name": "ADV-2007-3227",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3227"
},
{
"name": "26977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26977"
},
{
"name": "27106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27106"
},
{
"name": "oval:org.mitre.oval:def:10359",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359"
},
{
"name": "26929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26929"
},
{
"name": "SUSE-SR:2007:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
},
{
"name": "27089",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27089"
},
{
"name": "27096",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27096"
},
{
"name": "MDKSA-2007:190",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:190"
},
{
"name": "1018724",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018724"
},
{
"name": "kde-kdm-login-security-bypass(36711)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36711"
},
{
"name": "USN-517-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-517-1"
},
{
"name": "25730",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1725"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and \"shutdown with password\" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "27271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27271"
},
{
"name": "GLSA-200710-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-15.xml"
},
{
"name": "26904",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26904"
},
{
"name": "26894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26894"
},
{
"name": "FEDORA-2007-2361",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html"
},
{
"name": "DSA-1376",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1376"
},
{
"name": "FEDORA-2007-716",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html"
},
{
"name": "RHSA-2007:0905",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0905.html"
},
{
"name": "27180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27180"
},
{
"name": "26915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26915"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20070919-1.txt"
},
{
"name": "ADV-2007-3227",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3227"
},
{
"name": "26977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26977"
},
{
"name": "27106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27106"
},
{
"name": "oval:org.mitre.oval:def:10359",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359"
},
{
"name": "26929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26929"
},
{
"name": "SUSE-SR:2007:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
},
{
"name": "27089",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27089"
},
{
"name": "27096",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27096"
},
{
"name": "MDKSA-2007:190",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:190"
},
{
"name": "1018724",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018724"
},
{
"name": "kde-kdm-login-security-bypass(36711)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36711"
},
{
"name": "USN-517-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-517-1"
},
{
"name": "25730",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1725"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-4569",
"datePublished": "2007-09-21T18:00:00",
"dateReserved": "2007-08-28T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0690 (GCVE-0-2003-0690)
Vulnerability from cvelistv5
Published
2003-09-18 04:00
Modified
2024-08-08 02:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2003:747",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"name": "oval:org.mitre.oval:def:193",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A193"
},
{
"name": "20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106374551513499\u0026w=2"
},
{
"name": "DSA-443",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-443"
},
{
"name": "RHSA-2003:289",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-289.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html"
},
{
"name": "RHSA-2003:287",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-287.html"
},
{
"name": "RHSA-2003:270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-270.html"
},
{
"name": "RHSA-2003:286",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-286.html"
},
{
"name": "DSA-388",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-388"
},
{
"name": "MDKSA-2003:091",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:091"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20030916-1.txt"
},
{
"name": "RHSA-2003:288",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2003:747",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"name": "oval:org.mitre.oval:def:193",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A193"
},
{
"name": "20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106374551513499\u0026w=2"
},
{
"name": "DSA-443",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-443"
},
{
"name": "RHSA-2003:289",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-289.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html"
},
{
"name": "RHSA-2003:287",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-287.html"
},
{
"name": "RHSA-2003:270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-270.html"
},
{
"name": "RHSA-2003:286",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-286.html"
},
{
"name": "DSA-388",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-388"
},
{
"name": "MDKSA-2003:091",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:091"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20030916-1.txt"
},
{
"name": "RHSA-2003:288",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0690",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2003:747",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"name": "oval:org.mitre.oval:def:193",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A193"
},
{
"name": "20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106374551513499\u0026w=2"
},
{
"name": "DSA-443",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-443"
},
{
"name": "RHSA-2003:289",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-289.html"
},
{
"name": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html",
"refsource": "MISC",
"url": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html"
},
{
"name": "RHSA-2003:287",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-287.html"
},
{
"name": "RHSA-2003:270",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-270.html"
},
{
"name": "RHSA-2003:286",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-286.html"
},
{
"name": "DSA-388",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-388"
},
{
"name": "MDKSA-2003:091",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:091"
},
{
"name": "http://www.kde.org/info/security/advisory-20030916-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20030916-1.txt"
},
{
"name": "RHSA-2003:288",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0690",
"datePublished": "2003-09-18T04:00:00",
"dateReserved": "2003-08-14T00:00:00",
"dateUpdated": "2024-08-08T02:05:12.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1223 (GCVE-0-2002-1223)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20021008-1.txt"
},
{
"name": "N-155",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-155.shtml"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "101426",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1"
},
{
"name": "20021009 KDE Security Advisory: KGhostview Arbitary Code Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html"
},
{
"name": "MDKSA-2002:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071"
},
{
"name": "gsview-dsc-ps-bo(11319)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/11319.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-12-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20021008-1.txt"
},
{
"name": "N-155",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-155.shtml"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "101426",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1"
},
{
"name": "20021009 KDE Security Advisory: KGhostview Arbitary Code Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html"
},
{
"name": "MDKSA-2002:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071"
},
{
"name": "gsview-dsc-ps-bo(11319)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/11319.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1223",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kde.org/info/security/advisory-20021008-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20021008-1.txt"
},
{
"name": "N-155",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-155.shtml"
},
{
"name": "RHSA-2002:220",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "101426",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1"
},
{
"name": "20021009 KDE Security Advisory: KGhostview Arbitary Code Execution",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html"
},
{
"name": "MDKSA-2002:071",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071"
},
{
"name": "gsview-dsc-ps-bo(11319)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/11319.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1223",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0227 (GCVE-0-2002-0227)
Vulnerability from cvelistv5
Published
2002-05-03 04:00
Modified
2024-08-08 02:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:28.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4018",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4018"
},
{
"name": "20020201 KICQ 2.0.0b1 can be remotely crashed",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101266856410129\u0026w=2"
},
{
"name": "kicq-telnet-dos(8064)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8064.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4018",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4018"
},
{
"name": "20020201 KICQ 2.0.0b1 can be remotely crashed",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101266856410129\u0026w=2"
},
{
"name": "kicq-telnet-dos(8064)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8064.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4018",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4018"
},
{
"name": "20020201 KICQ 2.0.0b1 can be remotely crashed",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101266856410129\u0026w=2"
},
{
"name": "kicq-telnet-dos(8064)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8064.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0227",
"datePublished": "2002-05-03T04:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T02:42:28.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1671 (GCVE-0-2008-1671)
Vulnerability from cvelistv5
Published
2008-04-28 17:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:00.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30113"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-kde-3.5.5-kinit.diff"
},
{
"name": "GLSA-200804-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-30.xml"
},
{
"name": "SUSE-SR:2008:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
},
{
"name": "1019924",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019924"
},
{
"name": "29977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29977"
},
{
"name": "USN-608-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-608-1"
},
{
"name": "29951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29951"
},
{
"name": "ADV-2008-1370",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1370/references"
},
{
"name": "28938",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28938"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20080426-2.txt"
},
{
"name": "MDVSA-2008:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:097"
},
{
"name": "kde-startkdeinit-privilege-escalation(42039)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42039"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via \"user-influenceable input\" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "30113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30113"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-kde-3.5.5-kinit.diff"
},
{
"name": "GLSA-200804-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-30.xml"
},
{
"name": "SUSE-SR:2008:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
},
{
"name": "1019924",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019924"
},
{
"name": "29977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29977"
},
{
"name": "USN-608-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-608-1"
},
{
"name": "29951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29951"
},
{
"name": "ADV-2008-1370",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1370/references"
},
{
"name": "28938",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28938"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20080426-2.txt"
},
{
"name": "MDVSA-2008:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:097"
},
{
"name": "kde-startkdeinit-privilege-escalation(42039)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42039"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-1671",
"datePublished": "2008-04-28T17:00:00",
"dateReserved": "2008-04-03T00:00:00",
"dateUpdated": "2024-08-07T08:32:00.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1281 (GCVE-0-2002-1281)
Vulnerability from cvelistv5
Published
2002-11-14 05:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2003-012.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt"
},
{
"name": "kde-rlogin-command-execution(10602)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10602.php"
},
{
"name": "20021114 GLSA: kdelibs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "8298",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8298"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20021111-1.txt"
},
{
"name": "MDKSA-2002:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php"
},
{
"name": "20021112 KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712550205730\u0026w=2"
},
{
"name": "DSA-204",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-204"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "6182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2003-012.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt"
},
{
"name": "kde-rlogin-command-execution(10602)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10602.php"
},
{
"name": "20021114 GLSA: kdelibs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "8298",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8298"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20021111-1.txt"
},
{
"name": "MDKSA-2002:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php"
},
{
"name": "20021112 KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712550205730\u0026w=2"
},
{
"name": "DSA-204",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-204"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "6182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2003-012.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt"
},
{
"name": "kde-rlogin-command-execution(10602)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10602.php"
},
{
"name": "20021114 GLSA: kdelibs",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "8298",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8298"
},
{
"name": "http://www.kde.org/info/security/advisory-20021111-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20021111-1.txt"
},
{
"name": "MDKSA-2002:079",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php"
},
{
"name": "20021112 KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103712550205730\u0026w=2"
},
{
"name": "DSA-204",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-204"
},
{
"name": "RHSA-2002:220",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "6182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1281",
"datePublished": "2002-11-14T05:00:00",
"dateReserved": "2002-11-12T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1046 (GCVE-0-2005-1046)
Vulnerability from cvelistv5
Published
2005-04-12 04:00
Modified
2024-08-07 21:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:59.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11081",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11081"
},
{
"name": "SUSE-SA:2005:022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html"
},
{
"name": "oval:org.mitre.oval:def:5802",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050421-1.txt"
},
{
"name": "FLSA:178606",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"name": "ADV-2005-0331",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/0331"
},
{
"name": "14908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14908"
},
{
"name": "201320",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1"
},
{
"name": "DSA-714",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-714"
},
{
"name": "28114",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28114"
},
{
"name": "103170",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=102328"
},
{
"name": "13096",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13096"
},
{
"name": "RHSA-2005:393",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-393.html"
},
{
"name": "ADV-2007-4241",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4241"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11081",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11081"
},
{
"name": "SUSE-SA:2005:022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html"
},
{
"name": "oval:org.mitre.oval:def:5802",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050421-1.txt"
},
{
"name": "FLSA:178606",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"name": "ADV-2005-0331",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/0331"
},
{
"name": "14908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14908"
},
{
"name": "201320",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1"
},
{
"name": "DSA-714",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-714"
},
{
"name": "28114",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28114"
},
{
"name": "103170",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=102328"
},
{
"name": "13096",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13096"
},
{
"name": "RHSA-2005:393",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-393.html"
},
{
"name": "ADV-2007-4241",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4241"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11081",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11081"
},
{
"name": "SUSE-SA:2005:022",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html"
},
{
"name": "oval:org.mitre.oval:def:5802",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5802"
},
{
"name": "http://www.kde.org/info/security/advisory-20050421-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050421-1.txt"
},
{
"name": "FLSA:178606",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"name": "ADV-2005-0331",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/0331"
},
{
"name": "14908",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14908"
},
{
"name": "201320",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1"
},
{
"name": "DSA-714",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-714"
},
{
"name": "28114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28114"
},
{
"name": "103170",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1"
},
{
"name": "http://bugs.kde.org/show_bug.cgi?id=102328",
"refsource": "MISC",
"url": "http://bugs.kde.org/show_bug.cgi?id=102328"
},
{
"name": "13096",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13096"
},
{
"name": "RHSA-2005:393",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-393.html"
},
{
"name": "ADV-2007-4241",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4241"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1046",
"datePublished": "2005-04-12T04:00:00",
"dateReserved": "2005-04-12T00:00:00",
"dateUpdated": "2024-08-07T21:35:59.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0690 (GCVE-0-2004-0690)
Vulnerability from cvelistv5
Published
2004-09-14 04:00
Modified
2024-08-08 00:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:27.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2004:864",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"name": "kde-dcopserver-symlink(16962)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16962"
},
{
"name": "12276",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12276"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386"
},
{
"name": "MDKSA-2004:086",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:086"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20040811-2.txt"
},
{
"name": "VU#330638",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/330638"
},
{
"name": "10924",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10924"
},
{
"name": "200408-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"name": "20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109225538901170\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2004:864",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"name": "kde-dcopserver-symlink(16962)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16962"
},
{
"name": "12276",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12276"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386"
},
{
"name": "MDKSA-2004:086",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:086"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20040811-2.txt"
},
{
"name": "VU#330638",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/330638"
},
{
"name": "10924",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10924"
},
{
"name": "200408-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"name": "20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109225538901170\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0690",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2004:864",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"name": "kde-dcopserver-symlink(16962)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16962"
},
{
"name": "12276",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12276"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386"
},
{
"name": "MDKSA-2004:086",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:086"
},
{
"name": "http://www.kde.org/info/security/advisory-20040811-2.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20040811-2.txt"
},
{
"name": "VU#330638",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/330638"
},
{
"name": "10924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10924"
},
{
"name": "200408-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"name": "20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109225538901170\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0690",
"datePublished": "2004-09-14T04:00:00",
"dateReserved": "2004-07-13T00:00:00",
"dateUpdated": "2024-08-08T00:24:27.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1852 (GCVE-0-2005-1852)
Vulnerability from cvelistv5
Published
2005-07-26 04:00
Modified
2024-08-07 22:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16155"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16155"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-1852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kde.org/info/security/advisory-20050721-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"refsource": "FEDORA",
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16155"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2005-1852",
"datePublished": "2005-07-26T04:00:00",
"dateReserved": "2005-06-06T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2101 (GCVE-0-2005-2101)
Vulnerability from cvelistv5
Published
2005-08-17 04:00
Modified
2024-08-07 22:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:15:37.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14561"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050815-1.txt"
},
{
"name": "DSA-818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-818"
},
{
"name": "16428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16428"
},
{
"name": "MDKSA-2005:159",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:159"
},
{
"name": "1014675",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014675"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-09-20T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "14561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14561"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050815-1.txt"
},
{
"name": "DSA-818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-818"
},
{
"name": "16428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16428"
},
{
"name": "MDKSA-2005:159",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:159"
},
{
"name": "1014675",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014675"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-2101",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14561"
},
{
"name": "http://www.kde.org/info/security/advisory-20050815-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050815-1.txt"
},
{
"name": "DSA-818",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-818"
},
{
"name": "16428",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16428"
},
{
"name": "MDKSA-2005:159",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:159"
},
{
"name": "1014675",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014675"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2101",
"datePublished": "2005-08-17T04:00:00",
"dateReserved": "2005-06-30T00:00:00",
"dateUpdated": "2024-08-07T22:15:37.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0393 (GCVE-0-2000-0393)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000529 kmulti \u003c= 1.1.2",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_50.html"
},
{
"name": "1206",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1206"
},
{
"name": "20000516 kscd vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The KDE kscd program does not drop privileges when executing a program specified in a user\u0027s SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000529 kmulti \u003c= 1.1.2",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_50.html"
},
{
"name": "1206",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1206"
},
{
"name": "20000516 kscd vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The KDE kscd program does not drop privileges when executing a program specified in a user\u0027s SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000529 kmulti \u003c= 1.1.2",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_50.html"
},
{
"name": "1206",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1206"
},
{
"name": "20000516 kscd vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0393",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0780 (GCVE-0-1999-0780)
Vulnerability from cvelistv5
Published
2000-04-25 04:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0780",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0780",
"datePublished": "2000-04-25T04:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0011 (GCVE-0-2005-0011)
Vulnerability from cvelistv5
Published
2005-02-16 05:00
Modified
2024-08-07 20:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:41.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2005-148",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-February/msg00044.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050215-1.txt"
},
{
"name": "GLSA-200502-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-23.xml"
},
{
"name": "14306",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-02-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2005-148",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-February/msg00044.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050215-1.txt"
},
{
"name": "GLSA-200502-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-23.xml"
},
{
"name": "14306",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14306"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2005-148",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-February/msg00044.html"
},
{
"name": "http://www.kde.org/info/security/advisory-20050215-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050215-1.txt"
},
{
"name": "GLSA-200502-23",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-23.xml"
},
{
"name": "14306",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14306"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0011",
"datePublished": "2005-02-16T05:00:00",
"dateReserved": "2005-01-04T00:00:00",
"dateUpdated": "2024-08-07T20:57:41.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1152 (GCVE-0-2002-1152)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.909Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20020908-1.txt"
},
{
"name": "5691",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5691"
},
{
"name": "20020910 KDE Security Advisory: Secure Cookie Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103175827225044\u0026w=2"
},
{
"name": "kde-konqueror-cookie-hijacking(10083)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10083.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Konqueror in KDE 3.0 through 3.0.2 does not properly detect the \"secure\" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-12-03T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20020908-1.txt"
},
{
"name": "5691",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5691"
},
{
"name": "20020910 KDE Security Advisory: Secure Cookie Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103175827225044\u0026w=2"
},
{
"name": "kde-konqueror-cookie-hijacking(10083)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10083.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1152",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Konqueror in KDE 3.0 through 3.0.2 does not properly detect the \"secure\" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2002:220",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "http://www.kde.org/info/security/advisory-20020908-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20020908-1.txt"
},
{
"name": "5691",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5691"
},
{
"name": "20020910 KDE Security Advisory: Secure Cookie Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103175827225044\u0026w=2"
},
{
"name": "kde-konqueror-cookie-hijacking(10083)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10083.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1152",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-09-24T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0404 (GCVE-0-2005-0404)
Vulnerability from cvelistv5
Published
2005-04-13 04:00
Modified
2024-08-07 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[kmail-devel] 20050215 [Bug 96020] HTML Allows Spoofing of Emails Content",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html"
},
{
"name": "14925",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14925"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=96020"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/unixfocus/5GP0B0AFFE.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:38:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[kmail-devel] 20050215 [Bug 96020] HTML Allows Spoofing of Emails Content",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html"
},
{
"name": "14925",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14925"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=96020"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/unixfocus/5GP0B0AFFE.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[kmail-devel] 20050215 [Bug 96020] HTML Allows Spoofing of Emails Content",
"refsource": "MLIST",
"url": "http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html"
},
{
"name": "14925",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14925"
},
{
"name": "http://bugs.kde.org/show_bug.cgi?id=96020",
"refsource": "MISC",
"url": "http://bugs.kde.org/show_bug.cgi?id=96020"
},
{
"name": "http://www.securiteam.com/unixfocus/5GP0B0AFFE.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/unixfocus/5GP0B0AFFE.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0404",
"datePublished": "2005-04-13T04:00:00",
"dateReserved": "2005-02-14T00:00:00",
"dateUpdated": "2024-08-07T21:13:54.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0781 (GCVE-0-1999-0781)
Vulnerability from cvelistv5
Published
2000-04-25 04:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0781",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0781",
"datePublished": "2000-04-25T04:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:38.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0886 (GCVE-0-2004-0886)
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:577",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "RHSA-2005:021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "P-015",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-015.shtml"
},
{
"name": "201072",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "oval:org.mitre.oval:def:9907",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907"
},
{
"name": "101677",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"name": "VU#687568",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/687568"
},
{
"name": "1011674",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011674"
},
{
"name": "CLA-2004:888",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "libtiff-bo(17715)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715"
},
{
"name": "2004-0054",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0054/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12818"
},
{
"name": "11406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "oval:org.mitre.oval:def:100116",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116"
},
{
"name": "DSA-567",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "OpenPKG-SA-2004.043",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:577",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "RHSA-2005:021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "P-015",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-015.shtml"
},
{
"name": "201072",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "oval:org.mitre.oval:def:9907",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907"
},
{
"name": "101677",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"name": "VU#687568",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/687568"
},
{
"name": "1011674",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011674"
},
{
"name": "CLA-2004:888",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "libtiff-bo(17715)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715"
},
{
"name": "2004-0054",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0054/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12818"
},
{
"name": "11406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "oval:org.mitre.oval:def:100116",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116"
},
{
"name": "DSA-567",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "OpenPKG-SA-2004.043",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:577",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "RHSA-2005:021",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "P-015",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-015.shtml"
},
{
"name": "201072",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "oval:org.mitre.oval:def:9907",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907"
},
{
"name": "101677",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"name": "VU#687568",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/687568"
},
{
"name": "1011674",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011674"
},
{
"name": "CLA-2004:888",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "libtiff-bo(17715)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715"
},
{
"name": "2004-0054",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0054/"
},
{
"name": "http://www.kde.org/info/security/advisory-20041209-2.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12818"
},
{
"name": "11406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "oval:org.mitre.oval:def:100116",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116"
},
{
"name": "DSA-567",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "OpenPKG-SA-2004.043",
"refsource": "OPENPKG",
"url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0886",
"datePublished": "2004-10-26T04:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0370 (GCVE-0-2003-0370)
Vulnerability from cvelistv5
Published
2003-06-05 04:00
Modified
2024-08-08 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:50:47.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-192.html"
},
{
"name": "20030510 [forward]Apple Safari and Konqueror Embedded Common Name Verification Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html"
},
{
"name": "TLSA-2003-36",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.com/security/TLSA-2003-36.txt"
},
{
"name": "RHSA-2003:193",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-193.html"
},
{
"name": "20030507 Problem: Multiple Web Browsers do not do not validate CN on certificates.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/320707"
},
{
"name": "DSA-361",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-361"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20030602-1.txt"
},
{
"name": "7520",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7520"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-06-06T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-192.html"
},
{
"name": "20030510 [forward]Apple Safari and Konqueror Embedded Common Name Verification Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html"
},
{
"name": "TLSA-2003-36",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.com/security/TLSA-2003-36.txt"
},
{
"name": "RHSA-2003:193",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-193.html"
},
{
"name": "20030507 Problem: Multiple Web Browsers do not do not validate CN on certificates.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/320707"
},
{
"name": "DSA-361",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-361"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20030602-1.txt"
},
{
"name": "7520",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7520"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:192",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-192.html"
},
{
"name": "20030510 [forward]Apple Safari and Konqueror Embedded Common Name Verification Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html"
},
{
"name": "TLSA-2003-36",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/security/TLSA-2003-36.txt"
},
{
"name": "RHSA-2003:193",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-193.html"
},
{
"name": "20030507 Problem: Multiple Web Browsers do not do not validate CN on certificates.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/320707"
},
{
"name": "DSA-361",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-361"
},
{
"name": "http://www.kde.org/info/security/advisory-20030602-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20030602-1.txt"
},
{
"name": "7520",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7520"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0370",
"datePublished": "2003-06-05T04:00:00",
"dateReserved": "2003-06-03T00:00:00",
"dateUpdated": "2024-08-08T01:50:47.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2333 (GCVE-0-2002-2333)
Vulnerability from cvelistv5
Published
2007-10-26 19:00
Modified
2024-09-16 17:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "opera-konqueror-image-dos(10126)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10126.php"
},
{
"name": "20020917 Re: Bug in Opera and Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0177.html"
},
{
"name": "20020915 Bug in Opera and Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0167.html"
},
{
"name": "5721",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5721"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-26T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "opera-konqueror-image-dos(10126)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10126.php"
},
{
"name": "20020917 Re: Bug in Opera and Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0177.html"
},
{
"name": "20020915 Bug in Opera and Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0167.html"
},
{
"name": "5721",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5721"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "opera-konqueror-image-dos(10126)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10126.php"
},
{
"name": "20020917 Re: Bug in Opera and Konqueror",
"refsource": "BUGTRAQ",
"url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0177.html"
},
{
"name": "20020915 Bug in Opera and Konqueror",
"refsource": "BUGTRAQ",
"url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0167.html"
},
{
"name": "5721",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5721"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2333",
"datePublished": "2007-10-26T19:00:00Z",
"dateReserved": "2007-10-26T00:00:00Z",
"dateUpdated": "2024-09-16T17:03:07.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0610 (GCVE-0-2001-0610)
Vulnerability from cvelistv5
Published
2001-07-27 04:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:05.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kfm-tmpfile-symlink(6428)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6428"
},
{
"name": "20010418 Insecure directory handling in KFM file manager",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0336.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kfm-tmpfile-symlink(6428)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6428"
},
{
"name": "20010418 Insecure directory handling in KFM file manager",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0336.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0610",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kfm-tmpfile-symlink(6428)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6428"
},
{
"name": "20010418 Insecure directory handling in KFM file manager",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0336.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0610",
"datePublished": "2001-07-27T04:00:00",
"dateReserved": "2001-07-27T00:00:00",
"dateUpdated": "2024-08-08T04:30:05.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0530 (GCVE-0-2000-0530)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000531 KDE::KApplication feature?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
},
{
"name": "kde-configuration-file-creation(4583)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
},
{
"name": "CSSA-2000-015.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"name": "1291",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1291"
},
{
"name": "RHSA-2000:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000531 KDE::KApplication feature?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
},
{
"name": "kde-configuration-file-creation(4583)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
},
{
"name": "CSSA-2000-015.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"name": "1291",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1291"
},
{
"name": "RHSA-2000:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0530",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000531 KDE::KApplication feature?",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
},
{
"name": "kde-configuration-file-creation(4583)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
},
{
"name": "CSSA-2000-015.0",
"refsource": "CALDERA",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"name": "1291",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1291"
},
{
"name": "RHSA-2000:032",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0530",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9604 (GCVE-0-2017-9604)
Vulnerability from cvelistv5
Published
2017-06-13 13:00
Modified
2024-09-17 02:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:11:02.350Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://commits.kde.org/messagelib/c54706e990bbd6498e7b1597ec7900bc809e8197"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://commits.kde.org/kmail/78c5552be2f00a4ac25bd77ca39386522fca70a8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin\u0027s sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-13T13:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://commits.kde.org/messagelib/c54706e990bbd6498e7b1597ec7900bc809e8197"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://commits.kde.org/kmail/78c5552be2f00a4ac25bd77ca39386522fca70a8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin\u0027s sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://commits.kde.org/messagelib/c54706e990bbd6498e7b1597ec7900bc809e8197",
"refsource": "CONFIRM",
"url": "https://commits.kde.org/messagelib/c54706e990bbd6498e7b1597ec7900bc809e8197"
},
{
"name": "https://commits.kde.org/kmail/78c5552be2f00a4ac25bd77ca39386522fca70a8",
"refsource": "CONFIRM",
"url": "https://commits.kde.org/kmail/78c5552be2f00a4ac25bd77ca39386522fca70a8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-9604",
"datePublished": "2017-06-13T13:00:00Z",
"dateReserved": "2017-06-13T00:00:00Z",
"dateUpdated": "2024-09-17T02:16:34.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1393 (GCVE-0-2002-1393)
Vulnerability from cvelistv5
Published
2003-01-08 05:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-243",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-243"
},
{
"name": "DSA-236",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-236"
},
{
"name": "DSA-234",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-234"
},
{
"name": "DSA-242",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-242"
},
{
"name": "DSA-235",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-235"
},
{
"name": "DSA-241",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-241"
},
{
"name": "8103",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8103"
},
{
"name": "8067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8067"
},
{
"name": "DSA-239",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-239"
},
{
"name": "RHSA-2003:002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-002.html"
},
{
"name": "DSA-240",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-240"
},
{
"name": "RHSA-2003:003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-003.html"
},
{
"name": "20021221 KDE Security Advisory: Multiple vulnerabilities in KDE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104049734911544\u0026w=2"
},
{
"name": "6462",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6462"
},
{
"name": "CLA-2003:569",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000569"
},
{
"name": "DSA-238",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-238"
},
{
"name": "MDKSA-2003:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:004"
},
{
"name": "20021222 GLSA: kde-3.0.x",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104066520330397\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20021220-1.txt"
},
{
"name": "DSA-237",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-243",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-243"
},
{
"name": "DSA-236",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-236"
},
{
"name": "DSA-234",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-234"
},
{
"name": "DSA-242",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-242"
},
{
"name": "DSA-235",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-235"
},
{
"name": "DSA-241",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-241"
},
{
"name": "8103",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8103"
},
{
"name": "8067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8067"
},
{
"name": "DSA-239",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-239"
},
{
"name": "RHSA-2003:002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-002.html"
},
{
"name": "DSA-240",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-240"
},
{
"name": "RHSA-2003:003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-003.html"
},
{
"name": "20021221 KDE Security Advisory: Multiple vulnerabilities in KDE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104049734911544\u0026w=2"
},
{
"name": "6462",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6462"
},
{
"name": "CLA-2003:569",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000569"
},
{
"name": "DSA-238",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-238"
},
{
"name": "MDKSA-2003:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:004"
},
{
"name": "20021222 GLSA: kde-3.0.x",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104066520330397\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20021220-1.txt"
},
{
"name": "DSA-237",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-237"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-243",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-243"
},
{
"name": "DSA-236",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-236"
},
{
"name": "DSA-234",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-234"
},
{
"name": "DSA-242",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-242"
},
{
"name": "DSA-235",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-235"
},
{
"name": "DSA-241",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-241"
},
{
"name": "8103",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8103"
},
{
"name": "8067",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8067"
},
{
"name": "DSA-239",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-239"
},
{
"name": "RHSA-2003:002",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-002.html"
},
{
"name": "DSA-240",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-240"
},
{
"name": "RHSA-2003:003",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-003.html"
},
{
"name": "20021221 KDE Security Advisory: Multiple vulnerabilities in KDE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104049734911544\u0026w=2"
},
{
"name": "6462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6462"
},
{
"name": "CLA-2003:569",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000569"
},
{
"name": "DSA-238",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-238"
},
{
"name": "MDKSA-2003:004",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:004"
},
{
"name": "20021222 GLSA: kde-3.0.x",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104066520330397\u0026w=2"
},
{
"name": "http://www.kde.org/info/security/advisory-20021220-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20021220-1.txt"
},
{
"name": "DSA-237",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-237"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1393",
"datePublished": "2003-01-08T05:00:00",
"dateReserved": "2003-01-06T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4513 (GCVE-0-2012-4513)
Vulnerability from cvelistv5
Published
2012-11-11 11:00
Modified
2024-08-06 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:10.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51145"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=1f8b1b034ccf1713a5d123a4c327290f86d17d53"
},
{
"name": "RHSA-2012:1418",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1418.html"
},
{
"name": "RHSA-2012:1416",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1416.html"
},
{
"name": "1027709",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027709"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"name": "[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"name": "20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"name": "[oss-security] 20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"name": "51097",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51097"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-11T11:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "51145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51145"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=1f8b1b034ccf1713a5d123a4c327290f86d17d53"
},
{
"name": "RHSA-2012:1418",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1418.html"
},
{
"name": "RHSA-2012:1416",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1416.html"
},
{
"name": "1027709",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027709"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"name": "[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"name": "20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"name": "[oss-security] 20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"name": "51097",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51097"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4513",
"datePublished": "2012-11-11T11:00:00Z",
"dateReserved": "2012-08-21T00:00:00Z",
"dateUpdated": "2024-08-06T20:35:10.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0206 (GCVE-0-2005-0206)
Vulnerability from cvelistv5
Published
2005-02-15 05:00
Modified
2024-08-07 21:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11107",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
},
{
"name": "MDKSA-2005:041",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
},
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:034",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"name": "MDKSA-2005:056",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
},
{
"name": "MDKSA-2005:043",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
},
{
"name": "RHSA-2005:213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
},
{
"name": "MDKSA-2005:044",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "xpdf-pdf-bo(17818)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "RHSA-2005:132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
},
{
"name": "MDKSA-2005:042",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
},
{
"name": "RHSA-2005:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11107",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
},
{
"name": "MDKSA-2005:041",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
},
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:034",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"name": "MDKSA-2005:056",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
},
{
"name": "MDKSA-2005:043",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
},
{
"name": "RHSA-2005:213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
},
{
"name": "MDKSA-2005:044",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "xpdf-pdf-bo(17818)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "RHSA-2005:132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
},
{
"name": "MDKSA-2005:042",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
},
{
"name": "RHSA-2005:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0206",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11107",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
},
{
"name": "MDKSA-2005:041",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
},
{
"name": "11501",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:034",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"name": "MDKSA-2005:056",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
},
{
"name": "MDKSA-2005:043",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
},
{
"name": "RHSA-2005:213",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
},
{
"name": "MDKSA-2005:044",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
},
{
"name": "RHSA-2005:053",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "xpdf-pdf-bo(17818)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "MDKSA-2005:052",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "RHSA-2005:132",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
},
{
"name": "MDKSA-2005:042",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
},
{
"name": "RHSA-2005:057",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0206",
"datePublished": "2005-02-15T05:00:00",
"dateReserved": "2005-02-01T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2494 (GCVE-0-2005-2494)
Vulnerability from cvelistv5
Published
2005-09-06 04:00
Modified
2024-08-07 22:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:00.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2005:160",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:160"
},
{
"name": "20050905 [KDE Security Advisory] kcheckpass local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112603999215453\u0026w=2"
},
{
"name": "16692",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16692"
},
{
"name": "oval:org.mitre.oval:def:9388",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388"
},
{
"name": "USN-176-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-176-1"
},
{
"name": "18139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18139"
},
{
"name": "21481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21481"
},
{
"name": "DSA-815",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-815"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050905-1.txt"
},
{
"name": "RHSA-2006:0582",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0582.html"
},
{
"name": "20050907 [ Suresec Advisories ] - Kcheckpass file creation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112611555928169\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.suresec.org/advisories/adv6.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff"
},
{
"name": "14736",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14736"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDKSA-2005:160",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:160"
},
{
"name": "20050905 [KDE Security Advisory] kcheckpass local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112603999215453\u0026w=2"
},
{
"name": "16692",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16692"
},
{
"name": "oval:org.mitre.oval:def:9388",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388"
},
{
"name": "USN-176-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-176-1"
},
{
"name": "18139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18139"
},
{
"name": "21481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21481"
},
{
"name": "DSA-815",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-815"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050905-1.txt"
},
{
"name": "RHSA-2006:0582",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0582.html"
},
{
"name": "20050907 [ Suresec Advisories ] - Kcheckpass file creation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112611555928169\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.suresec.org/advisories/adv6.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff"
},
{
"name": "14736",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14736"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2494",
"datePublished": "2005-09-06T04:00:00",
"dateReserved": "2005-08-08T00:00:00",
"dateUpdated": "2024-08-07T22:30:00.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4515 (GCVE-0-2012-4515)
Vulnerability from cvelistv5
Published
2012-11-11 11:00
Modified
2024-08-06 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:10.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51145"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"name": "[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"name": "20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8"
},
{
"name": "[oss-security] 20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"name": "51097",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51097"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-11T11:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "51145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51145"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"name": "[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"name": "20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8"
},
{
"name": "[oss-security] 20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"name": "51097",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51097"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4515",
"datePublished": "2012-11-11T11:00:00Z",
"dateReserved": "2012-08-21T00:00:00Z",
"dateUpdated": "2024-08-06T20:35:10.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-7139 (GCVE-0-2006-7139)
Vulnerability from cvelistv5
Published
2007-03-07 20:00
Modified
2024-08-07 20:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:06.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24889"
},
{
"name": "20061015 Re: [Full-disclosure] Kmail \u003c= 1.9.1 (table/frameset) DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/448766/100/0/threaded"
},
{
"name": "SUSE-SR:2007:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"name": "20061014 Kmail \u003c= 1.9.1 (table/frameset) DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/448768/100/0/threaded"
},
{
"name": "20539",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20539"
},
{
"name": "kmail-table-frameset-dos(29557)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29557"
},
{
"name": "20061014 Kmail \u003c= 1.9.1 (table/frameset) DOS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0293.html"
},
{
"name": "2347",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2347"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kmail 1.9.1 on KDE 3.5.2, with \"Prefer HTML to Plain Text\" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24889"
},
{
"name": "20061015 Re: [Full-disclosure] Kmail \u003c= 1.9.1 (table/frameset) DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/448766/100/0/threaded"
},
{
"name": "SUSE-SR:2007:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"name": "20061014 Kmail \u003c= 1.9.1 (table/frameset) DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/448768/100/0/threaded"
},
{
"name": "20539",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20539"
},
{
"name": "kmail-table-frameset-dos(29557)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29557"
},
{
"name": "20061014 Kmail \u003c= 1.9.1 (table/frameset) DOS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0293.html"
},
{
"name": "2347",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2347"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kmail 1.9.1 on KDE 3.5.2, with \"Prefer HTML to Plain Text\" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24889",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24889"
},
{
"name": "20061015 Re: [Full-disclosure] Kmail \u003c= 1.9.1 (table/frameset) DOS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448766/100/0/threaded"
},
{
"name": "SUSE-SR:2007:006",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"name": "20061014 Kmail \u003c= 1.9.1 (table/frameset) DOS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448768/100/0/threaded"
},
{
"name": "20539",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20539"
},
{
"name": "kmail-table-frameset-dos(29557)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29557"
},
{
"name": "20061014 Kmail \u003c= 1.9.1 (table/frameset) DOS",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0293.html"
},
{
"name": "2347",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2347"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-7139",
"datePublished": "2007-03-07T20:00:00",
"dateReserved": "2007-03-07T00:00:00",
"dateUpdated": "2024-08-07T20:50:06.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1107 (GCVE-0-1999-1107)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
},
{
"name": "kde-kppp-path-bo(1650)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1650"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
},
{
"name": "kde-kppp-path-bo(1650)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1650"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
},
{
"name": "kde-kppp-path-bo(1650)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1650"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1107",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0888 (GCVE-0-2004-0888)
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:592",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
},
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:066",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"name": "USN-9-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-9-1/"
},
{
"name": "MDKSA-2004:113",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "DSA-581",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-581"
},
{
"name": "DSA-573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-573"
},
{
"name": "FLSA:2353",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"name": "MDKSA-2004:116",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
},
{
"name": "DSA-599",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-599"
},
{
"name": "xpdf-pdf-bo(17818)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "RHSA-2004:543",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
},
{
"name": "oval:org.mitre.oval:def:9714",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
},
{
"name": "CLA-2004:886",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
},
{
"name": "MDKSA-2004:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
},
{
"name": "GLSA-200410-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "MDKSA-2004:115",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
},
{
"name": "SUSE-SA:2004:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"name": "FLSA:2352",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:592",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
},
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:066",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"name": "USN-9-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-9-1/"
},
{
"name": "MDKSA-2004:113",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "DSA-581",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-581"
},
{
"name": "DSA-573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-573"
},
{
"name": "FLSA:2353",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"name": "MDKSA-2004:116",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
},
{
"name": "DSA-599",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-599"
},
{
"name": "xpdf-pdf-bo(17818)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "RHSA-2004:543",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
},
{
"name": "oval:org.mitre.oval:def:9714",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
},
{
"name": "CLA-2004:886",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
},
{
"name": "MDKSA-2004:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
},
{
"name": "GLSA-200410-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "MDKSA-2004:115",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
},
{
"name": "SUSE-SA:2004:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"name": "FLSA:2352",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0888",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:592",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
},
{
"name": "11501",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:066",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"name": "USN-9-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-9-1/"
},
{
"name": "MDKSA-2004:113",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "DSA-581",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-581"
},
{
"name": "DSA-573",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-573"
},
{
"name": "FLSA:2353",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"name": "MDKSA-2004:116",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
},
{
"name": "DSA-599",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-599"
},
{
"name": "xpdf-pdf-bo(17818)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "RHSA-2005:354",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "RHSA-2004:543",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
},
{
"name": "oval:org.mitre.oval:def:9714",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
},
{
"name": "CLA-2004:886",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
},
{
"name": "MDKSA-2004:114",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
},
{
"name": "GLSA-200410-30",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "MDKSA-2004:115",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
},
{
"name": "SUSE-SA:2004:039",
"refsource": "SUSE",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"name": "FLSA:2352",
"refsource": "FEDORA",
"url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0888",
"datePublished": "2004-10-26T04:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4514 (GCVE-0-2012-4514)
Vulnerability from cvelistv5
Published
2012-11-11 11:00
Modified
2024-08-06 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.kde.org/show_bug.cgi?id=271528"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=65464349951e0df9b5d80c2eb3cc7458d54923ae"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"name": "[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"name": "20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"name": "[oss-security] 20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to \"trying to reuse a frame with a null part.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-11T11:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.kde.org/show_bug.cgi?id=271528"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=65464349951e0df9b5d80c2eb3cc7458d54923ae"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"name": "[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"name": "20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"name": "[oss-security] 20121030 Medium risk security flaws in Konqueror",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4514",
"datePublished": "2012-11-11T11:00:00Z",
"dateReserved": "2012-08-21T00:00:00Z",
"dateUpdated": "2024-08-06T20:35:09.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0754 (GCVE-0-2005-0754)
Vulnerability from cvelistv5
Published
2005-04-24 04:00
Modified
2024-08-07 21:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:27.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050420-1.txt"
},
{
"name": "20050422 [KDE Security Advisory]: Kommander untrusted code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111419664411051\u0026w=2"
},
{
"name": "15060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15060"
},
{
"name": "13313",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13313"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050420-1.txt"
},
{
"name": "20050422 [KDE Security Advisory]: Kommander untrusted code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111419664411051\u0026w=2"
},
{
"name": "15060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15060"
},
{
"name": "13313",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13313"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-0754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kde.org/info/security/advisory-20050420-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050420-1.txt"
},
{
"name": "20050422 [KDE Security Advisory]: Kommander untrusted code execution",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111419664411051\u0026w=2"
},
{
"name": "15060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15060"
},
{
"name": "13313",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13313"
},
{
"name": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff",
"refsource": "CONFIRM",
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0754",
"datePublished": "2005-04-24T04:00:00",
"dateReserved": "2005-03-17T00:00:00",
"dateUpdated": "2024-08-07T21:28:27.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1106 (GCVE-0-1999-1106)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19980429 Security hole in kppp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/9121"
},
{
"name": "kde-kppp-account-bo(1643)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1643"
},
{
"name": "92",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19980429 Security hole in kppp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/9121"
},
{
"name": "kde-kppp-account-bo(1643)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1643"
},
{
"name": "92",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980429 Security hole in kppp",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/9121"
},
{
"name": "kde-kppp-account-bo(1643)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1643"
},
{
"name": "92",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1106",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0689 (GCVE-0-2004-0689)
Vulnerability from cvelistv5
Published
2004-08-19 04:00
Modified
2024-08-08 00:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:27.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:9334",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334"
},
{
"name": "CLA-2004:864",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"name": "12276",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12276/"
},
{
"name": "kde-application-symlink(16963)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16963"
},
{
"name": "DSA-539",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-539"
},
{
"name": "200408-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"name": "20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109225538901170\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20040811-1.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KDE before 3.3.0 does not properly handle when certain symbolic links point to \"stale\" locations, which could allow local users to create or truncate arbitrary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:9334",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334"
},
{
"name": "CLA-2004:864",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"name": "12276",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12276/"
},
{
"name": "kde-application-symlink(16963)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16963"
},
{
"name": "DSA-539",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-539"
},
{
"name": "200408-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"name": "20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109225538901170\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20040811-1.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDE before 3.3.0 does not properly handle when certain symbolic links point to \"stale\" locations, which could allow local users to create or truncate arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:9334",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334"
},
{
"name": "CLA-2004:864",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"name": "12276",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12276/"
},
{
"name": "kde-application-symlink(16963)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16963"
},
{
"name": "DSA-539",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-539"
},
{
"name": "200408-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"name": "20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109225538901170\u0026w=2"
},
{
"name": "http://www.kde.org/info/security/advisory-20040811-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20040811-1.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0689",
"datePublished": "2004-08-19T04:00:00",
"dateReserved": "2004-07-13T00:00:00",
"dateUpdated": "2024-08-08T00:24:27.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2933 (GCVE-0-2006-2933)
Vulnerability from cvelistv5
Published
2006-07-27 22:00
Modified
2024-08-07 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21203",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21203"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177755"
},
{
"name": "RHSA-2006:0576",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0576.html"
},
{
"name": "1016571",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016571"
},
{
"name": "oval:org.mitre.oval:def:10535",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10535"
},
{
"name": "19152",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19152"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "21203",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21203"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177755"
},
{
"name": "RHSA-2006:0576",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0576.html"
},
{
"name": "1016571",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016571"
},
{
"name": "oval:org.mitre.oval:def:10535",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10535"
},
{
"name": "19152",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19152"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-2933",
"datePublished": "2006-07-27T22:00:00",
"dateReserved": "2006-06-09T00:00:00",
"dateUpdated": "2024-08-07T18:06:27.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1306 (GCVE-0-2002-1306)
Vulnerability from cvelistv5
Published
2002-11-21 05:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2002:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-080.php"
},
{
"name": "20021114 GLSA: kdelibs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "20021112 KDE Security Advisory: resLISa / LISa Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20021111-2.txt"
},
{
"name": "kde-kdenetwork-lisa-bo(10597)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10597.php"
},
{
"name": "N-020",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
},
{
"name": "kde-kdenetwork-lan-bo(10598)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10598.php"
},
{
"name": "DSA-214",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-214"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "SuSE-SA:2002:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2002_042_kdenetwork.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the \"lisa\" daemon, and (2) remote attackers to execute arbitrary code via a certain \"lan://\" URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2002:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-080.php"
},
{
"name": "20021114 GLSA: kdelibs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "20021112 KDE Security Advisory: resLISa / LISa Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20021111-2.txt"
},
{
"name": "kde-kdenetwork-lisa-bo(10597)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10597.php"
},
{
"name": "N-020",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
},
{
"name": "kde-kdenetwork-lan-bo(10598)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10598.php"
},
{
"name": "DSA-214",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-214"
},
{
"name": "RHSA-2002:220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "SuSE-SA:2002:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2002_042_kdenetwork.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the \"lisa\" daemon, and (2) remote attackers to execute arbitrary code via a certain \"lan://\" URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2002:080",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-080.php"
},
{
"name": "20021114 GLSA: kdelibs",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"name": "20021112 KDE Security Advisory: resLISa / LISa Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
},
{
"name": "http://www.kde.org/info/security/advisory-20021111-2.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20021111-2.txt"
},
{
"name": "kde-kdenetwork-lisa-bo(10597)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10597.php"
},
{
"name": "N-020",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
},
{
"name": "kde-kdenetwork-lan-bo(10598)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10598.php"
},
{
"name": "DSA-214",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-214"
},
{
"name": "RHSA-2002:220",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"name": "SuSE-SA:2002:042",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2002_042_kdenetwork.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1306",
"datePublished": "2002-11-21T05:00:00",
"dateReserved": "2002-11-14T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1920 (GCVE-0-2005-1920)
Vulnerability from cvelistv5
Published
2005-07-26 04:00
Modified
2024-08-07 22:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.747Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SR:2005:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
},
{
"name": "14297",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14297"
},
{
"name": "oval:org.mitre.oval:def:9434",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434"
},
{
"name": "DSA-804",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-804"
},
{
"name": "1014512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014512"
},
{
"name": "FLSA:178606",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"name": "20050718 [KDE Security Advisory]: Kate backup file permission leak",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112171434023679\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050718-1.txt"
},
{
"name": "GLSA-200611-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200611-21.xml"
},
{
"name": "16099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16099"
},
{
"name": "23099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23099"
},
{
"name": "RHSA-2005:612",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-612.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SR:2005:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
},
{
"name": "14297",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14297"
},
{
"name": "oval:org.mitre.oval:def:9434",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434"
},
{
"name": "DSA-804",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-804"
},
{
"name": "1014512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014512"
},
{
"name": "FLSA:178606",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"name": "20050718 [KDE Security Advisory]: Kate backup file permission leak",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112171434023679\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050718-1.txt"
},
{
"name": "GLSA-200611-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200611-21.xml"
},
{
"name": "16099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16099"
},
{
"name": "23099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23099"
},
{
"name": "RHSA-2005:612",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-612.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1920",
"datePublished": "2005-07-26T04:00:00",
"dateReserved": "2005-06-08T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1171 (GCVE-0-2004-1171)
Vulnerability from cvelistv5
Published
2004-12-10 05:00
Modified
2024-08-08 00:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13486"
},
{
"name": "VU#305294",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/305294"
},
{
"name": "11866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11866"
},
{
"name": "1012471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012471"
},
{
"name": "P-051",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-051.shtml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html"
},
{
"name": "13560",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13560"
},
{
"name": "kde-smb-password-plaintext(18267)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267"
},
{
"name": "MDKSA-2004:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150"
},
{
"name": "20041209 KDE Security Advisory: plain text password exposure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110261063201488\u0026w=2"
},
{
"name": "12248",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12248"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sec-consult.com/index.php?id=118"
},
{
"name": "GLSA-200412-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110178786809694\u0026w=2"
},
{
"name": "13477",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13477"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20041209-1.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user\u0027s .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13486"
},
{
"name": "VU#305294",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/305294"
},
{
"name": "11866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11866"
},
{
"name": "1012471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012471"
},
{
"name": "P-051",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-051.shtml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html"
},
{
"name": "13560",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13560"
},
{
"name": "kde-smb-password-plaintext(18267)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267"
},
{
"name": "MDKSA-2004:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150"
},
{
"name": "20041209 KDE Security Advisory: plain text password exposure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110261063201488\u0026w=2"
},
{
"name": "12248",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12248"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sec-consult.com/index.php?id=118"
},
{
"name": "GLSA-200412-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110178786809694\u0026w=2"
},
{
"name": "13477",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13477"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20041209-1.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1171",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user\u0027s .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13486"
},
{
"name": "VU#305294",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/305294"
},
{
"name": "11866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11866"
},
{
"name": "1012471",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012471"
},
{
"name": "P-051",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-051.shtml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html"
},
{
"name": "13560",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13560"
},
{
"name": "kde-smb-password-plaintext(18267)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267"
},
{
"name": "MDKSA-2004:150",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150"
},
{
"name": "20041209 KDE Security Advisory: plain text password exposure",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110261063201488\u0026w=2"
},
{
"name": "12248",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12248"
},
{
"name": "http://www.sec-consult.com/index.php?id=118",
"refsource": "MISC",
"url": "http://www.sec-consult.com/index.php?id=118"
},
{
"name": "GLSA-200412-16",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110178786809694\u0026w=2"
},
{
"name": "13477",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13477"
},
{
"name": "http://www.kde.org/info/security/advisory-20041209-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20041209-1.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1171",
"datePublished": "2004-12-10T05:00:00",
"dateReserved": "2004-12-10T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0104 (GCVE-0-2007-0104)
Vulnerability from cvelistv5
Published
2007-01-09 00:00
Modified
2024-08-07 12:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:37.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "23815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23815"
},
{
"name": "MDKSA-2007:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
},
{
"name": "MDKSA-2007:020",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "MDKSA-2007:021",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
},
{
"name": "MDKSA-2007:019",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
},
{
"name": "23799",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23799"
},
{
"name": "23839",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23839"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "multiple-vendor-pdf-code-execution(31364)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
},
{
"name": "USN-410-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-410-2"
},
{
"name": "MDKSA-2007:018",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
},
{
"name": "1017514",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017514"
},
{
"name": "23791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23791"
},
{
"name": "SUSE-SR:2007:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
},
{
"name": "21910",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21910"
},
{
"name": "MDKSA-2007:024",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
},
{
"name": "1017749",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017749"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
},
{
"name": "23844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23844"
},
{
"name": "USN-410-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-410-1"
},
{
"name": "ADV-2007-0203",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0203"
},
{
"name": "23876",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23876"
},
{
"name": "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
},
{
"name": "ADV-2007-0244",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0244"
},
{
"name": "ADV-2007-0212",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0212"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-964"
},
{
"name": "23813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23813"
},
{
"name": "24204",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24204"
},
{
"name": "23808",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23808"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "23815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23815"
},
{
"name": "MDKSA-2007:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
},
{
"name": "MDKSA-2007:020",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "MDKSA-2007:021",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
},
{
"name": "MDKSA-2007:019",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
},
{
"name": "23799",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23799"
},
{
"name": "23839",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23839"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "multiple-vendor-pdf-code-execution(31364)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
},
{
"name": "USN-410-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-410-2"
},
{
"name": "MDKSA-2007:018",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
},
{
"name": "1017514",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017514"
},
{
"name": "23791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23791"
},
{
"name": "SUSE-SR:2007:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
},
{
"name": "21910",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21910"
},
{
"name": "MDKSA-2007:024",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
},
{
"name": "1017749",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017749"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
},
{
"name": "23844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23844"
},
{
"name": "USN-410-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-410-1"
},
{
"name": "ADV-2007-0203",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0203"
},
{
"name": "23876",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23876"
},
{
"name": "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
},
{
"name": "ADV-2007-0244",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0244"
},
{
"name": "ADV-2007-0212",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0212"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-964"
},
{
"name": "23813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23813"
},
{
"name": "24204",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24204"
},
{
"name": "23808",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23808"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23815",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23815"
},
{
"name": "MDKSA-2007:022",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
},
{
"name": "MDKSA-2007:020",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
},
{
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "MDKSA-2007:021",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
},
{
"name": "http://www.kde.org/info/security/advisory-20070115-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
},
{
"name": "MDKSA-2007:019",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
},
{
"name": "23799",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23799"
},
{
"name": "23839",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23839"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "multiple-vendor-pdf-code-execution(31364)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
},
{
"name": "USN-410-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-410-2"
},
{
"name": "MDKSA-2007:018",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
},
{
"name": "1017514",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017514"
},
{
"name": "23791",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23791"
},
{
"name": "SUSE-SR:2007:003",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
},
{
"name": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
},
{
"name": "21910",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21910"
},
{
"name": "MDKSA-2007:024",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
},
{
"name": "1017749",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017749"
},
{
"name": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html",
"refsource": "MISC",
"url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
},
{
"name": "23844",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23844"
},
{
"name": "USN-410-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-410-1"
},
{
"name": "ADV-2007-0203",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0203"
},
{
"name": "23876",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23876"
},
{
"name": "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
},
{
"name": "ADV-2007-0244",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0244"
},
{
"name": "ADV-2007-0212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0212"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "https://issues.rpath.com/browse/RPL-964",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-964"
},
{
"name": "23813",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23813"
},
{
"name": "24204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24204"
},
{
"name": "23808",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23808"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0104",
"datePublished": "2007-01-09T00:00:00",
"dateReserved": "2007-01-08T00:00:00",
"dateUpdated": "2024-08-07T12:03:37.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5963 (GCVE-0-2007-5963)
Vulnerability from cvelistv5
Published
2007-12-19 23:00
Modified
2024-08-07 15:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2008-1264",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00031.html"
},
{
"name": "kdm-image-configuration-dos(39168)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39168"
},
{
"name": "3469",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3469"
},
{
"name": "FEDORA-2008-1283",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00038.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0268"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1992"
},
{
"name": "41395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41395"
},
{
"name": "20071218 rPSA-2007-0268-1 kdebase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485238"
},
{
"name": "ADV-2007-4267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4267"
},
{
"name": "MDVSA-2009:017",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:017"
},
{
"name": "26909",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26909"
},
{
"name": "28104",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28104"
},
{
"name": "28181",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28181"
},
{
"name": "28751",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28751"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2008-1264",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00031.html"
},
{
"name": "kdm-image-configuration-dos(39168)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39168"
},
{
"name": "3469",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3469"
},
{
"name": "FEDORA-2008-1283",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00038.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0268"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1992"
},
{
"name": "41395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41395"
},
{
"name": "20071218 rPSA-2007-0268-1 kdebase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485238"
},
{
"name": "ADV-2007-4267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4267"
},
{
"name": "MDVSA-2009:017",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:017"
},
{
"name": "26909",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26909"
},
{
"name": "28104",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28104"
},
{
"name": "28181",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28181"
},
{
"name": "28751",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28751"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-5963",
"datePublished": "2007-12-19T23:00:00",
"dateReserved": "2007-11-14T00:00:00",
"dateUpdated": "2024-08-07T15:47:00.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5698 (GCVE-0-2008-5698)
Vulnerability from cvelistv5
Published
2008-12-22 15:00
Modified
2024-08-07 11:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:04:44.062Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31696",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31696"
},
{
"name": "32208",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32208"
},
{
"name": "ADV-2008-2915",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2915"
},
{
"name": "konqueror-load-dos(45804)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45804"
},
{
"name": "4796",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4796"
},
{
"name": "6718",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6718"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31696",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31696"
},
{
"name": "32208",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32208"
},
{
"name": "ADV-2008-2915",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2915"
},
{
"name": "konqueror-load-dos(45804)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45804"
},
{
"name": "4796",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4796"
},
{
"name": "6718",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6718"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5698",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31696",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31696"
},
{
"name": "32208",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32208"
},
{
"name": "ADV-2008-2915",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2915"
},
{
"name": "konqueror-load-dos(45804)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45804"
},
{
"name": "4796",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4796"
},
{
"name": "6718",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6718"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5698",
"datePublished": "2008-12-22T15:00:00",
"dateReserved": "2008-12-22T00:00:00",
"dateUpdated": "2024-08-07T11:04:44.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0205 (GCVE-0-2005-0205)
Vulnerability from cvelistv5
Published
2005-02-28 05:00
Modified
2024-08-07 21:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.431Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:9596",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9596"
},
{
"name": "DSA-692",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-692"
},
{
"name": "RHSA-2005:175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-175.html"
},
{
"name": "CLA-2005:934",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050228-1.txt"
},
{
"name": "20050228 KPPP Privileged File Descriptor Leak Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=208\u0026type=vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:9596",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9596"
},
{
"name": "DSA-692",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-692"
},
{
"name": "RHSA-2005:175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-175.html"
},
{
"name": "CLA-2005:934",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050228-1.txt"
},
{
"name": "20050228 KPPP Privileged File Descriptor Leak Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=208\u0026type=vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:9596",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9596"
},
{
"name": "DSA-692",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-692"
},
{
"name": "RHSA-2005:175",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-175.html"
},
{
"name": "CLA-2005:934",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000934"
},
{
"name": "http://www.kde.org/info/security/advisory-20050228-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050228-1.txt"
},
{
"name": "20050228 KPPP Privileged File Descriptor Leak Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=208\u0026type=vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0205",
"datePublished": "2005-02-28T05:00:00",
"dateReserved": "2005-02-01T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0078 (GCVE-0-2005-0078)
Vulnerability from cvelistv5
Published
2005-01-29 05:00
Modified
2024-08-07 20:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:40.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kdebase-screensaver-security-bypass(19084)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19084"
},
{
"name": "oval:org.mitre.oval:def:9260",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9260"
},
{
"name": "DSA-660",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-660"
},
{
"name": "RHSA-2005:009",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-009.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kdebase-screensaver-security-bypass(19084)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19084"
},
{
"name": "oval:org.mitre.oval:def:9260",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9260"
},
{
"name": "DSA-660",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-660"
},
{
"name": "RHSA-2005:009",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-009.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kdebase-screensaver-security-bypass(19084)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19084"
},
{
"name": "oval:org.mitre.oval:def:9260",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9260"
},
{
"name": "DSA-660",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-660"
},
{
"name": "RHSA-2005:009",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-009.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0078",
"datePublished": "2005-01-29T05:00:00",
"dateReserved": "2005-01-14T00:00:00",
"dateUpdated": "2024-08-07T20:57:40.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2449 (GCVE-0-2006-2449)
Vulnerability from cvelistv5
Published
2006-06-15 10:00
Modified
2024-08-07 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:51:04.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21662",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21662"
},
{
"name": "20890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20890"
},
{
"name": "20674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20674"
},
{
"name": "26511",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26511"
},
{
"name": "20702",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20702"
},
{
"name": "RHSA-2006:0548",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0548.html"
},
{
"name": "1016297",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016297"
},
{
"name": "MDKSA-2006:106",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:106"
},
{
"name": "USN-301-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/301-1/"
},
{
"name": "20602",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20602"
},
{
"name": "kde-kdm-symlink(27181)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27181"
},
{
"name": "20869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20869"
},
{
"name": "oval:org.mitre.oval:def:9844",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9844"
},
{
"name": "ADV-2006-2355",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2355"
},
{
"name": "20660",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20660"
},
{
"name": "DSA-1156",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1156"
},
{
"name": "20060614 [KDE Security Advisory] KDM symlink attack vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437133/100/0/threaded"
},
{
"name": "SUSE-SA:2006:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_39_kdm.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20060614-1.txt"
},
{
"name": "GLSA-200606-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-23.xml"
},
{
"name": "SSA:2006-178-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.444467"
},
{
"name": "20785",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20785"
},
{
"name": "MDKSA-2006:105",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:105"
},
{
"name": "20060615 rPSA-2006-0106-1 kdebase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437322/100/0/threaded"
},
{
"name": "18431",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "21662",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21662"
},
{
"name": "20890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20890"
},
{
"name": "20674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20674"
},
{
"name": "26511",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26511"
},
{
"name": "20702",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20702"
},
{
"name": "RHSA-2006:0548",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0548.html"
},
{
"name": "1016297",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016297"
},
{
"name": "MDKSA-2006:106",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:106"
},
{
"name": "USN-301-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/301-1/"
},
{
"name": "20602",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20602"
},
{
"name": "kde-kdm-symlink(27181)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27181"
},
{
"name": "20869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20869"
},
{
"name": "oval:org.mitre.oval:def:9844",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9844"
},
{
"name": "ADV-2006-2355",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2355"
},
{
"name": "20660",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20660"
},
{
"name": "DSA-1156",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1156"
},
{
"name": "20060614 [KDE Security Advisory] KDM symlink attack vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437133/100/0/threaded"
},
{
"name": "SUSE-SA:2006:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_39_kdm.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20060614-1.txt"
},
{
"name": "GLSA-200606-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-23.xml"
},
{
"name": "SSA:2006-178-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.444467"
},
{
"name": "20785",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20785"
},
{
"name": "MDKSA-2006:105",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:105"
},
{
"name": "20060615 rPSA-2006-0106-1 kdebase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437322/100/0/threaded"
},
{
"name": "18431",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18431"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-2449",
"datePublished": "2006-06-15T10:00:00",
"dateReserved": "2006-05-18T00:00:00",
"dateUpdated": "2024-08-07T17:51:04.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0365 (GCVE-0-2005-0365)
Vulnerability from cvelistv5
Published
2005-02-11 05:00
Modified
2024-08-07 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050316-2.txt"
},
{
"name": "20050211 insecure temporary file creation in kdelibs 3.3.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110814653804757\u0026w=2"
},
{
"name": "MDKSA-2005:058",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
},
{
"name": "FEDORA-2005-245",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA-2005-245.shtml"
},
{
"name": "1013525",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013525"
},
{
"name": "RHSA-2005:325",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-325.html"
},
{
"name": "14254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14254"
},
{
"name": "oval:org.mitre.oval:def:10676",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10676"
},
{
"name": "MDKSA-2005:045",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:045"
},
{
"name": "GLSA-200503-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200503-14.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=97608"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050316-2.txt"
},
{
"name": "20050211 insecure temporary file creation in kdelibs 3.3.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110814653804757\u0026w=2"
},
{
"name": "MDKSA-2005:058",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
},
{
"name": "FEDORA-2005-245",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA-2005-245.shtml"
},
{
"name": "1013525",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013525"
},
{
"name": "RHSA-2005:325",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-325.html"
},
{
"name": "14254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14254"
},
{
"name": "oval:org.mitre.oval:def:10676",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10676"
},
{
"name": "MDKSA-2005:045",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:045"
},
{
"name": "GLSA-200503-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200503-14.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=97608"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kde.org/info/security/advisory-20050316-2.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050316-2.txt"
},
{
"name": "20050211 insecure temporary file creation in kdelibs 3.3.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110814653804757\u0026w=2"
},
{
"name": "MDKSA-2005:058",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
},
{
"name": "FEDORA-2005-245",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA-2005-245.shtml"
},
{
"name": "1013525",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013525"
},
{
"name": "RHSA-2005:325",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-325.html"
},
{
"name": "14254",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14254"
},
{
"name": "oval:org.mitre.oval:def:10676",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10676"
},
{
"name": "MDKSA-2005:045",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:045"
},
{
"name": "GLSA-200503-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200503-14.xml"
},
{
"name": "http://bugs.kde.org/show_bug.cgi?id=97608",
"refsource": "CONFIRM",
"url": "http://bugs.kde.org/show_bug.cgi?id=97608"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0365",
"datePublished": "2005-02-11T05:00:00",
"dateReserved": "2005-02-11T00:00:00",
"dateUpdated": "2024-08-07T21:13:54.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0204 (GCVE-0-2003-0204)
Vulnerability from cvelistv5
Published
2003-04-15 04:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030412 [Sorcerer-spells] KDE-SORCERER2003-04-12",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105017403010459\u0026w=2"
},
{
"name": "MDKSA-2003:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:049"
},
{
"name": "CLA-2003:668",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000668"
},
{
"name": "DSA-296",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-296"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=53343"
},
{
"name": "20030414 GLSA: kde-2.x (200304-05.1)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105034222521369\u0026w=2"
},
{
"name": "CLA-2003:747",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20030409-1.txt"
},
{
"name": "RHSA-2003:002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=56808"
},
{
"name": "20030410 GLSA: kde-3.x (200304-04)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105001557020141\u0026w=2"
},
{
"name": "DSA-284",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-284"
},
{
"name": "DSA-293",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-293"
},
{
"name": "20030411 GLSA: kde-2.x (200304-05)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105012994719099\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030412 [Sorcerer-spells] KDE-SORCERER2003-04-12",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105017403010459\u0026w=2"
},
{
"name": "MDKSA-2003:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:049"
},
{
"name": "CLA-2003:668",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000668"
},
{
"name": "DSA-296",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-296"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=53343"
},
{
"name": "20030414 GLSA: kde-2.x (200304-05.1)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105034222521369\u0026w=2"
},
{
"name": "CLA-2003:747",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20030409-1.txt"
},
{
"name": "RHSA-2003:002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=56808"
},
{
"name": "20030410 GLSA: kde-3.x (200304-04)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105001557020141\u0026w=2"
},
{
"name": "DSA-284",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-284"
},
{
"name": "DSA-293",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-293"
},
{
"name": "20030411 GLSA: kde-2.x (200304-05)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105012994719099\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030412 [Sorcerer-spells] KDE-SORCERER2003-04-12",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105017403010459\u0026w=2"
},
{
"name": "MDKSA-2003:049",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:049"
},
{
"name": "CLA-2003:668",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000668"
},
{
"name": "DSA-296",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-296"
},
{
"name": "http://bugs.kde.org/show_bug.cgi?id=53343",
"refsource": "CONFIRM",
"url": "http://bugs.kde.org/show_bug.cgi?id=53343"
},
{
"name": "20030414 GLSA: kde-2.x (200304-05.1)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105034222521369\u0026w=2"
},
{
"name": "CLA-2003:747",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"name": "http://www.kde.org/info/security/advisory-20030409-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20030409-1.txt"
},
{
"name": "RHSA-2003:002",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-002.html"
},
{
"name": "http://bugs.kde.org/show_bug.cgi?id=56808",
"refsource": "CONFIRM",
"url": "http://bugs.kde.org/show_bug.cgi?id=56808"
},
{
"name": "20030410 GLSA: kde-3.x (200304-04)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105001557020141\u0026w=2"
},
{
"name": "DSA-284",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-284"
},
{
"name": "DSA-293",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-293"
},
{
"name": "20030411 GLSA: kde-2.x (200304-05)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105012994719099\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0204",
"datePublished": "2003-04-15T04:00:00",
"dateReserved": "2003-04-14T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0988 (GCVE-0-2003-0988)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.891Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:865",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A865"
},
{
"name": "20040114 KDE Security Advisory: VCF file information reader vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107412130407906\u0026w=2"
},
{
"name": "GLSA-200404-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200404-02.xml"
},
{
"name": "oval:org.mitre.oval:def:858",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A858"
},
{
"name": "kde-kdepim-bo(14833)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14833"
},
{
"name": "RHSA-2004:005",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-005.html"
},
{
"name": "CLA-2004:810",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000810"
},
{
"name": "MDKSA-2004:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003"
},
{
"name": "VU#820798",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/820798"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20040114-1.txt"
},
{
"name": "RHSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-006.html"
},
{
"name": "9419",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9419"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:865",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A865"
},
{
"name": "20040114 KDE Security Advisory: VCF file information reader vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107412130407906\u0026w=2"
},
{
"name": "GLSA-200404-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200404-02.xml"
},
{
"name": "oval:org.mitre.oval:def:858",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A858"
},
{
"name": "kde-kdepim-bo(14833)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14833"
},
{
"name": "RHSA-2004:005",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-005.html"
},
{
"name": "CLA-2004:810",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000810"
},
{
"name": "MDKSA-2004:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003"
},
{
"name": "VU#820798",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/820798"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20040114-1.txt"
},
{
"name": "RHSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-006.html"
},
{
"name": "9419",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9419"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:865",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A865"
},
{
"name": "20040114 KDE Security Advisory: VCF file information reader vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107412130407906\u0026w=2"
},
{
"name": "GLSA-200404-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200404-02.xml"
},
{
"name": "oval:org.mitre.oval:def:858",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A858"
},
{
"name": "kde-kdepim-bo(14833)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14833"
},
{
"name": "RHSA-2004:005",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-005.html"
},
{
"name": "CLA-2004:810",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000810"
},
{
"name": "MDKSA-2004:003",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003"
},
{
"name": "VU#820798",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/820798"
},
{
"name": "http://www.kde.org/info/security/advisory-20040114-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20040114-1.txt"
},
{
"name": "RHSA-2004:006",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-006.html"
},
{
"name": "9419",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9419"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0988",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-12-16T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.891Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0782 (GCVE-0-1999-0782)
Vulnerability from cvelistv5
Published
2000-04-25 04:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0782",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0782",
"datePublished": "2000-04-25T04:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0803 (GCVE-0-2004-0803)
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200410-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml"
},
{
"name": "RHSA-2004:577",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "oval:org.mitre.oval:def:100114",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114"
},
{
"name": "RHSA-2005:021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "20041013 CESA-2004-006: libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:8896",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896"
},
{
"name": "201072",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "101677",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2004-006.txt"
},
{
"name": "CLA-2004:888",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12818"
},
{
"name": "libtiff-library-decoding-bo(17703)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703"
},
{
"name": "11406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "DSA-567",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "VU#948752",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/948752"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200410-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml"
},
{
"name": "RHSA-2004:577",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "oval:org.mitre.oval:def:100114",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114"
},
{
"name": "RHSA-2005:021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "20041013 CESA-2004-006: libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:8896",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896"
},
{
"name": "201072",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "101677",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2004-006.txt"
},
{
"name": "CLA-2004:888",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12818"
},
{
"name": "libtiff-library-decoding-bo(17703)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703"
},
{
"name": "11406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "DSA-567",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "VU#948752",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/948752"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200410-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml"
},
{
"name": "RHSA-2004:577",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "oval:org.mitre.oval:def:100114",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114"
},
{
"name": "RHSA-2005:021",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "20041013 CESA-2004-006: libtiff",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:8896",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896"
},
{
"name": "201072",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "101677",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"name": "http://scary.beasts.org/security/CESA-2004-006.txt",
"refsource": "MISC",
"url": "http://scary.beasts.org/security/CESA-2004-006.txt"
},
{
"name": "CLA-2004:888",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "http://www.kde.org/info/security/advisory-20041209-2.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12818"
},
{
"name": "libtiff-library-decoding-bo(17703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703"
},
{
"name": "11406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "DSA-567",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "VU#948752",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/948752"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0803",
"datePublished": "2004-10-26T04:00:00",
"dateReserved": "2004-08-25T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.kde.org/show_bug.cgi?id=97608 | Patch, Vendor Advisory | |
| cve@mitre.org | http://fedoranews.org/updates/FEDORA-2005-245.shtml | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=110814653804757&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/14254 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200503-14.xml | Patch, Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1013525 | ||
| cve@mitre.org | http://www.kde.org/info/security/advisory-20050316-2.txt | Patch | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:045 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:058 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-325.html | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10676 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.kde.org/show_bug.cgi?id=97608 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://fedoranews.org/updates/FEDORA-2005-245.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=110814653804757&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/14254 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200503-14.xml | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1013525 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20050316-2.txt | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:045 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:058 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-325.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10676 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2.x:*:*:*:*:*:*:*",
"matchCriteriaId": "44B5E71B-FBA8-472D-827F-078E337724E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.x:*:*:*:*:*:*:*",
"matchCriteriaId": "CB35C02B-9966-41CA-BB8F-61EACB777816",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack."
}
],
"id": "CVE-2005-0365",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=97608"
},
{
"source": "cve@mitre.org",
"url": "http://fedoranews.org/updates/FEDORA-2005-245.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110814653804757\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14254"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200503-14.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1013525"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.kde.org/info/security/advisory-20050316-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:045"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-325.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=97608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/updates/FEDORA-2005-245.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110814653804757\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200503-14.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1013525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.kde.org/info/security/advisory-20050316-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:045"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-325.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10676"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-07-26 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=112171434023679&w=2 | Mailing List | |
| secalert@redhat.com | http://secunia.com/advisories/16099 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/23099 | Broken Link | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200611-21.xml | Third Party Advisory | |
| secalert@redhat.com | http://securitytracker.com/id?1014512 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.debian.org/security/2005/dsa-804 | Third Party Advisory | |
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20050718-1.txt | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.novell.com/linux/security/advisories/2005_18_sr.html | Broken Link | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-612.html | Broken Link | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/427976/100/0/threaded | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securityfocus.com/bid/14297 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=112171434023679&w=2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/16099 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23099 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200611-21.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1014512 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-804 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20050718-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_18_sr.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-612.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427976/100/0/threaded | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/14297 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | * | |
| debian | debian_linux | 3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FBCB14-BB97-4340-B5A5-5759A7D417DC",
"versionEndIncluding": "3.4.0",
"versionStartIncluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information."
},
{
"lang": "es",
"value": "Las aplicaciones Kate y Kwrite en KDE 3.2.x hasta la 3.4.0 no fijan adecuadamente los permisos en los ficheros de backup, lo que podr\u00eda permitir que usuarios locales, y posiblemente tambi\u00e9n remotos, obtengan informaci\u00f3n confidencial."
}
],
"id": "CVE-2005-1920",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2005-07-26T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112171434023679\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/16099"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/23099"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200611-21.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1014512"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-804"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050718-1.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-612.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/14297"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112171434023679\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/16099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/23099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200611-21.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1014512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050718-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-612.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/14297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-281"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=109778785107450&w=2 | ||
| cve@mitre.org | http://scary.beasts.org/security/CESA-2004-006.txt | ||
| cve@mitre.org | http://secunia.com/advisories/12818 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 | ||
| cve@mitre.org | http://www.debian.org/security/2004/dsa-567 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/948752 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20041209-2.txt | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:109 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2004_38_libtiff.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-577.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-021.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/11406 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17703 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109778785107450&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://scary.beasts.org/security/CESA-2004-006.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/12818 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-567 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/948752 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20041209-2.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:109 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2004_38_libtiff.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-577.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-021.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11406 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17703 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libtiff | libtiff | 3.4 | |
| libtiff | libtiff | 3.5.1 | |
| libtiff | libtiff | 3.5.2 | |
| libtiff | libtiff | 3.5.3 | |
| libtiff | libtiff | 3.5.4 | |
| libtiff | libtiff | 3.5.5 | |
| libtiff | libtiff | 3.5.7 | |
| libtiff | libtiff | 3.6.0 | |
| libtiff | libtiff | 3.6.1 | |
| pdflib | pdf_library | 5.0.2 | |
| wxgtk2 | wxgtk2 | 2.5_.0 | |
| apple | mac_os_x | 10.2 | |
| apple | mac_os_x | 10.2.1 | |
| apple | mac_os_x | 10.2.2 | |
| apple | mac_os_x | 10.2.3 | |
| apple | mac_os_x | 10.2.4 | |
| apple | mac_os_x | 10.2.5 | |
| apple | mac_os_x | 10.2.6 | |
| apple | mac_os_x | 10.2.7 | |
| apple | mac_os_x | 10.2.8 | |
| apple | mac_os_x | 10.3 | |
| apple | mac_os_x | 10.3.1 | |
| apple | mac_os_x | 10.3.2 | |
| apple | mac_os_x | 10.3.3 | |
| apple | mac_os_x | 10.3.4 | |
| apple | mac_os_x | 10.3.5 | |
| apple | mac_os_x | 10.3.6 | |
| apple | mac_os_x_server | 10.2 | |
| apple | mac_os_x_server | 10.2.1 | |
| apple | mac_os_x_server | 10.2.2 | |
| apple | mac_os_x_server | 10.2.3 | |
| apple | mac_os_x_server | 10.2.4 | |
| apple | mac_os_x_server | 10.2.5 | |
| apple | mac_os_x_server | 10.2.6 | |
| apple | mac_os_x_server | 10.2.7 | |
| apple | mac_os_x_server | 10.2.8 | |
| apple | mac_os_x_server | 10.3 | |
| apple | mac_os_x_server | 10.3.1 | |
| apple | mac_os_x_server | 10.3.2 | |
| apple | mac_os_x_server | 10.3.3 | |
| apple | mac_os_x_server | 10.3.4 | |
| apple | mac_os_x_server | 10.3.5 | |
| apple | mac_os_x_server | 10.3.6 | |
| kde | kde | 3.2 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| trustix | secure_linux | 1.5 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "261FAE51-5207-4136-9FFE-2330A281266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B32C83B9-F7DA-450A-A687-9A73734CD712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9485283A-B73E-4567-914A-42A86F5FFCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95892168-0FB6-4E3F-9303-2F9B3CF60D2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5021564-5E0A-4DDC-BC68-200B6050043E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "19AA66E5-FDDD-4243-B945-DFEBDD25F258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C8C550-3313-4266-B4B3-E9E9047CFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdflib:pdf_library:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A70D7A-D552-49A4-9E6F-B014BF195D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wxgtk2:wxgtk2:2.5_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2814035-2888-43B9-B597-2CBF17C56FD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35932546-B614-47C0-98E6-8EF1EFE06725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "38F17066-C090-4DD7-A1AC-D8FF70D268CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los decodificadores RLE (run length encoding) de libtiff 3.6.1 y anteriores, relacionadas con desbordamientos de enteros y de b\u00fafer, permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante ficheros TIFF."
}
],
"id": "CVE-2004-0803",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://scary.beasts.org/security/CESA-2004-006.txt"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12818"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/948752"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11406"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scary.beasts.org/security/CESA-2004-006.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/948752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=109880927526773&w=2 | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/11501 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17819 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109880927526773&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11501 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17819 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| easy_software_products | cups | 1.0.4 | |
| easy_software_products | cups | 1.0.4_8 | |
| easy_software_products | cups | 1.1.1 | |
| easy_software_products | cups | 1.1.4 | |
| easy_software_products | cups | 1.1.4_2 | |
| easy_software_products | cups | 1.1.4_3 | |
| easy_software_products | cups | 1.1.4_5 | |
| easy_software_products | cups | 1.1.6 | |
| easy_software_products | cups | 1.1.7 | |
| easy_software_products | cups | 1.1.10 | |
| easy_software_products | cups | 1.1.12 | |
| easy_software_products | cups | 1.1.13 | |
| easy_software_products | cups | 1.1.14 | |
| easy_software_products | cups | 1.1.15 | |
| easy_software_products | cups | 1.1.16 | |
| easy_software_products | cups | 1.1.17 | |
| easy_software_products | cups | 1.1.18 | |
| easy_software_products | cups | 1.1.19 | |
| easy_software_products | cups | 1.1.19_rc5 | |
| easy_software_products | cups | 1.1.20 | |
| gnome | gpdf | 0.112 | |
| gnome | gpdf | 0.131 | |
| kde | koffice | 1.3 | |
| kde | koffice | 1.3.1 | |
| kde | koffice | 1.3.2 | |
| kde | koffice | 1.3.3 | |
| kde | koffice | 1.3_beta1 | |
| kde | koffice | 1.3_beta2 | |
| kde | koffice | 1.3_beta3 | |
| kde | kpdf | 3.2 | |
| pdftohtml | pdftohtml | 0.32a | |
| pdftohtml | pdftohtml | 0.32b | |
| pdftohtml | pdftohtml | 0.33 | |
| pdftohtml | pdftohtml | 0.33a | |
| pdftohtml | pdftohtml | 0.34 | |
| pdftohtml | pdftohtml | 0.35 | |
| pdftohtml | pdftohtml | 0.36 | |
| tetex | tetex | 1.0.7 | |
| tetex | tetex | 2.0 | |
| tetex | tetex | 2.0.1 | |
| tetex | tetex | 2.0.2 | |
| xpdf | xpdf | 0.90 | |
| xpdf | xpdf | 0.91 | |
| xpdf | xpdf | 0.92 | |
| xpdf | xpdf | 0.93 | |
| xpdf | xpdf | 1.0 | |
| xpdf | xpdf | 1.0a | |
| xpdf | xpdf | 1.1 | |
| xpdf | xpdf | 2.0 | |
| xpdf | xpdf | 2.1 | |
| xpdf | xpdf | 2.3 | |
| xpdf | xpdf | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| gentoo | linux | * | |
| kde | kde | 3.2 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*",
"matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*",
"matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*",
"matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*",
"matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888."
}
],
"id": "CVE-2004-0889",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-09-06 23:03
Modified
2025-04-03 01:03
Severity ?
Summary
kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff | Patch | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=112603999215453&w=2 | ||
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=112611555928169&w=2 | ||
| secalert@redhat.com | http://secunia.com/advisories/16692 | ||
| secalert@redhat.com | http://secunia.com/advisories/18139 | ||
| secalert@redhat.com | http://secunia.com/advisories/21481 | ||
| secalert@redhat.com | http://www.debian.org/security/2005/dsa-815 | ||
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20050905-1.txt | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2005:160 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0582.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/14736 | ||
| secalert@redhat.com | http://www.suresec.org/advisories/adv6.pdf | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/usn-176-1 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=112603999215453&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=112611555928169&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/16692 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18139 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21481 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-815 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20050905-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:160 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0582.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/14736 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.suresec.org/advisories/adv6.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-176-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73B53A48-E222-46D9-B84C-AC26DF6AB400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB7C9F-48E2-4ACD-80CB-9559DE4C2BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D600E27F-A1D6-42C7-8ED1-FD508F5B3AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files."
}
],
"id": "CVE-2005-2494",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-09-06T23:03:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=112603999215453\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=112611555928169\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/16692"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18139"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/21481"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-815"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050905-1.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:160"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0582.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/14736"
},
{
"source": "secalert@redhat.com",
"url": "http://www.suresec.org/advisories/adv6.pdf"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-176-1"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112603999215453\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112611555928169\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/16692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/21481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050905-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0582.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.suresec.org/advisories/adv6.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-176-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-05-05 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=87602167420906&w=2 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/1646 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=87602167420906&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/1646 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D54C9BCD-7544-4005-8F61-45C3EC054385",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server."
}
],
"id": "CVE-1999-1267",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-05-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167420906\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167420906\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1646"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-11-29 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103704823501757&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103712329102632&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103728981029342&w=2 | ||
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/n-020.shtml | ||
| cve@mitre.org | http://www.debian.org/security/2002/dsa-193 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.idefense.com/advisory/11.11.02.txt | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10592.php | Vendor Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2002:080 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/6157 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103704823501757&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103712329102632&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103728981029342&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/n-020.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2002/dsa-193 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/advisory/11.11.02.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10592.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2002:080 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/6157 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:klisa:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45616FC1-D9F5-40F3-B3AB-B96453F31242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lisa:lisa:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D61D200C-1D4D-4C4F-A077-79F6616F03CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lisa:lisa:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8220DEF4-997E-4188-81DD-BD498B24D464",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6671EEE2-8CEC-41C7-9CF2-23D92A1B3DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "E107A931-B670-42A8-9F75-EEA0EF3D09B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en resLISa en KDE 2.1 A 3.0.4 y LISa anteriores a 0.2.2 permite a usuarios locales obtener acceso a raw sockets mediante una variable de entorno LOGNAME larga."
}
],
"id": "CVE-2002-1247",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-29T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103704823501757\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-193"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/advisory/11.11.02.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10592.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:080"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103704823501757\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/advisory/11.11.02.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10592.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6157"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-09-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt | ||
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2002-08/0170.html | ||
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000519 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=102918241005893&w=2 | ||
| cve@mitre.org | http://www.debian.org/security/2002/dsa-155 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20020818-1.txt | ||
| cve@mitre.org | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:058 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-221.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/5410 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/9776 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2002-08/0170.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000519 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=102918241005893&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2002/dsa-155 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20020818-1.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:058 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-221.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5410 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/9776 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:konqueror:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D435E39F-4F70-481B-9225-B072B79BEB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD68BAB-8945-4A22-938E-12C01D0111D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3220BF-B0AF-4C90-89BD-B425EE58021D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA53FB7A-AF7F-45B2-AF23-11B1FC4EC289",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack."
},
{
"lang": "es",
"value": "La capacidad SSL en Konqueror 3.0.2 y anteriores no verifica las restricc\u00edones b\u00e1sicas de una certificad intermedio firmado por una AC (Autoridad Certificadora), lo que permite a atacantes remotos falsear los certificados de sitios de confianza mediante un ataque de hombre en el medio (man-in-the-middle."
}
],
"id": "CVE-2002-0970",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-09-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-08/0170.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000519"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=102918241005893\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-155"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20020818-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:058"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-221.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5410"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-08/0170.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=102918241005893\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20020818-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-221.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9776"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-05-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=101266856410129&w=2 | ||
| cve@mitre.org | http://www.iss.net/security_center/static/8064.php | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/4018 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=101266856410129&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/8064.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/4018 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kicq:kicq:2.0.0b1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB87C44-07E9-43D3-BA69-43D1BF5598D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B292C704-EDFA-4060-90DF-0A3906DB0AC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message."
},
{
"lang": "es",
"value": "KICQ 2.0.0b1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante un mensaje malformado."
}
],
"id": "CVE-2002-0227",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-05-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101266856410129\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8064.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101266856410129\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8064.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4018"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=109880927526773&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=110815379627883&w=2 | ||
| cve@mitre.org | http://www.debian.org/security/2004/dsa-573 | ||
| cve@mitre.org | http://www.debian.org/security/2004/dsa-581 | ||
| cve@mitre.org | http://www.debian.org/security/2004/dsa-599 | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:114 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:115 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:116 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-543.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-592.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-066.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/11501 | Patch, Vendor Advisory | |
| cve@mitre.org | https://bugzilla.fedora.us/show_bug.cgi?id=2353 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17818 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714 | ||
| cve@mitre.org | https://www.ubuntu.com/usn/usn-9-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109880927526773&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=110815379627883&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-573 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-581 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-599 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:114 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:115 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:116 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-543.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-592.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-066.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11501 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.fedora.us/show_bug.cgi?id=2353 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17818 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ubuntu.com/usn/usn-9-1/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| easy_software_products | cups | 1.0.4 | |
| easy_software_products | cups | 1.0.4_8 | |
| easy_software_products | cups | 1.1.1 | |
| easy_software_products | cups | 1.1.4 | |
| easy_software_products | cups | 1.1.4_2 | |
| easy_software_products | cups | 1.1.4_3 | |
| easy_software_products | cups | 1.1.4_5 | |
| easy_software_products | cups | 1.1.6 | |
| easy_software_products | cups | 1.1.7 | |
| easy_software_products | cups | 1.1.10 | |
| easy_software_products | cups | 1.1.12 | |
| easy_software_products | cups | 1.1.13 | |
| easy_software_products | cups | 1.1.14 | |
| easy_software_products | cups | 1.1.15 | |
| easy_software_products | cups | 1.1.16 | |
| easy_software_products | cups | 1.1.17 | |
| easy_software_products | cups | 1.1.18 | |
| easy_software_products | cups | 1.1.19 | |
| easy_software_products | cups | 1.1.19_rc5 | |
| easy_software_products | cups | 1.1.20 | |
| gnome | gpdf | 0.112 | |
| gnome | gpdf | 0.131 | |
| kde | koffice | 1.3 | |
| kde | koffice | 1.3.1 | |
| kde | koffice | 1.3.2 | |
| kde | koffice | 1.3.3 | |
| kde | koffice | 1.3_beta1 | |
| kde | koffice | 1.3_beta2 | |
| kde | koffice | 1.3_beta3 | |
| kde | kpdf | 3.2 | |
| pdftohtml | pdftohtml | 0.32a | |
| pdftohtml | pdftohtml | 0.32b | |
| pdftohtml | pdftohtml | 0.33 | |
| pdftohtml | pdftohtml | 0.33a | |
| pdftohtml | pdftohtml | 0.34 | |
| pdftohtml | pdftohtml | 0.35 | |
| pdftohtml | pdftohtml | 0.36 | |
| tetex | tetex | 1.0.7 | |
| tetex | tetex | 2.0 | |
| tetex | tetex | 2.0.1 | |
| tetex | tetex | 2.0.2 | |
| xpdf | xpdf | 0.90 | |
| xpdf | xpdf | 0.91 | |
| xpdf | xpdf | 0.92 | |
| xpdf | xpdf | 0.93 | |
| xpdf | xpdf | 1.0 | |
| xpdf | xpdf | 1.0a | |
| xpdf | xpdf | 1.1 | |
| xpdf | xpdf | 2.0 | |
| xpdf | xpdf | 2.1 | |
| xpdf | xpdf | 2.3 | |
| xpdf | xpdf | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| gentoo | linux | * | |
| kde | kde | 3.2 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*",
"matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*",
"matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*",
"matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*",
"matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889."
}
],
"id": "CVE-2004-0888",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-573"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-581"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-599"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-9-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-9-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-11 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103175827225044&w=2 | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10083.php | Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20020908-1.txt | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/5691 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103175827225044&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10083.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20020908-1.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5691 | Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Konqueror in KDE 3.0 through 3.0.2 does not properly detect the \"secure\" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing."
},
{
"lang": "es",
"value": "Konqueror en KDE 3.0 a 3.0.2 no detecta adecuadamente la se\u00f1al (flag) en una cookieHTTP, lo que podr\u00eda causar que Konqueror mandase la cookie por un canal no cifrado, que podr\u00eda ser vista por atacantes espiando (sniffing) la conexi\u00f3n."
}
],
"id": "CVE-2002-1152",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103175827225044\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10083.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20020908-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103175827225044\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10083.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20020908-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5691"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-28 17:05
Modified
2025-04-09 00:30
Severity ?
Summary
start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | ftp://ftp.kde.org/pub/kde/security_patches/post-kde-3.5.5-kinit.diff | Exploit | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html | ||
| secalert@redhat.com | http://secunia.com/advisories/29951 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/29977 | ||
| secalert@redhat.com | http://secunia.com/advisories/30113 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200804-30.xml | ||
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20080426-2.txt | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2008:097 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/28938 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1019924 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/usn-608-1 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2008/1370/references | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/42039 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.kde.org/pub/kde/security_patches/post-kde-3.5.5-kinit.diff | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29951 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29977 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30113 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200804-30.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20080426-2.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:097 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28938 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1019924 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-608-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1370/references | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/42039 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "65CCBEC7-EF7F-43DB-892C-E9C93D3B3353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C3D851-540B-4F4C-BCC4-47F4C099D212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "32DF6E2C-221F-4F99-9D5B-C3E48AF7A9F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1E06B8C1-F186-4BC5-9C1D-DF5BC40FEDB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F38CD2-8531-403D-B522-389DD4F8C5E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via \"user-influenceable input\" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes."
},
{
"lang": "es",
"value": "start_kdeinit en KDE de 3.5.5 a 3.5.9, cuando est\u00e1 instalado setuid root, permite a usuarios locales provocar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante \"una entrada influenciable por el usuario\" (probablemente argumentos en l\u00ednea de comandos) que provocan que start_kdeinit env\u00ede se\u00f1ales SIGUSR1 a otros procesos."
}
],
"id": "CVE-2008-1671",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-28T17:05:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-kde-3.5.5-kinit.diff"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/29977"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/30113"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200804-30.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.kde.org/info/security/advisory-20080426-2.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:097"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/28938"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1019924"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-608-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2008/1370/references"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-kde-3.5.5-kinit.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200804-30.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20080426-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-608-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1370/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42039"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect versions of KDE as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.",
"lastModified": "2008-05-01T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-28 17:05
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html | ||
| secalert@redhat.com | http://secunia.com/advisories/29980 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20080426-1.txt | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/28937 | Patch | |
| secalert@redhat.com | http://www.securitytracker.com/id?1019929 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2008/1371/references | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/42038 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29980 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20080426-1.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28937 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1019929 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1371/references | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/42038 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "82BE38B3-A061-49CD-8D37-488C8A45E720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA64B65F-541C-424E-9935-D02458056F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A4E8ADF-5A73-4B91-850F-D14DEE6221FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8F36E9E5-9DA7-4A34-B600-FC4B4B9014A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en el cargador de imagen PNG progresivo (decoders/pngloader.cpp) en KHTML de KDE 4.0.x hasta 4.0.3; permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y puede que ejecutar c\u00f3digo de su elecci\u00f3n mediante una imagen manipulada."
}
],
"id": "CVE-2008-1670",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-04-28T17:05:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29980"
},
{
"source": "secalert@redhat.com",
"url": "http://www.kde.org/info/security/advisory-20080426-1.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/28937"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1019929"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2008/1371/references"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20080426-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/28937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1371/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42038"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect versions of KDE as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.",
"lastModified": "2008-05-01T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-08-17 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://secunia.com/advisories/16428 | ||
| secalert@redhat.com | http://securitytracker.com/id?1014675 | ||
| secalert@redhat.com | http://www.debian.org/security/2005/dsa-818 | ||
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20050815-1.txt | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2005:159 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/14561 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/16428 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1014675 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-818 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20050815-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:159 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/14561 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | 3.0 | |
| kde | kde | 3.0.1 | |
| kde | kde | 3.0.2 | |
| kde | kde | 3.0.3 | |
| kde | kde | 3.0.4 | |
| kde | kde | 3.0.5 | |
| kde | kde | 3.0.5a | |
| kde | kde | 3.1 | |
| kde | kde | 3.1.1 | |
| kde | kde | 3.1.2 | |
| kde | kde | 3.1.3 | |
| kde | kde | 3.1.4 | |
| kde | kde | 3.1.5 | |
| kde | kde | 3.1_alpha1 | |
| kde | kde | 3.1_beta1 | |
| kde | kde | 3.1_beta2 | |
| kde | kde | 3.2 | |
| kde | kde | 3.2.0_beta1 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| kde | kde | 3.3.2 | |
| kde | kde | 3.4 | |
| kde | kde | 3.4.1 | |
| kde | kde | 3.4.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E268EFFF-6B28-4C64-B052-AFA3BB1E709F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9B6CD2-7343-4D68-BEC6-A7BB0E0F0962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F98A556-D640-40F1-92C2-FC262F50F5C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E2C256-8E9F-4D12-ABF4-FECE06B52CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33AF934D-B51B-4A81-BC47-FFEAB9A62C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3096F2-B0F1-45E1-806D-6434DE56619A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5560AA-372B-4462-AFF8-8F27A980E507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4904CFFD-4CE1-4D65-A7BA-9B06E5B35D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1_alpha1:*:*:*:*:*:*:*",
"matchCriteriaId": "296D60E4-859E-458A-BDDA-A6265C020F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F6AD786-E68C-4952-90D4-3712560FAB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F628A0-E6F0-4843-9897-1B389853709B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "666F5ADD-94D8-42C9-8A38-5D2F10CB213E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files."
}
],
"id": "CVE-2005-2101",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-08-17T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/16428"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1014675"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-818"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050815-1.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:159"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/14561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/16428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1014675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050815-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14561"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-11 13:00
Modified
2025-04-11 00:51
Severity ?
Summary
rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | ||
| secalert@redhat.com | http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=65464349951e0df9b5d80c2eb3cc7458d54923ae | ||
| secalert@redhat.com | http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | Exploit | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/10/11/11 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/10/30/6 | ||
| secalert@redhat.com | https://bugs.kde.org/show_bug.cgi?id=271528 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=65464349951e0df9b5d80c2eb3cc7458d54923ae | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/11/11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/30/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.kde.org/show_bug.cgi?id=271528 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | * | |
| kde | kde | 1.0 | |
| kde | kde | 1.1 | |
| kde | kde | 1.1.1 | |
| kde | kde | 1.1.2 | |
| kde | kde | 1.2 | |
| kde | kde | 1.x | |
| kde | kde | 2.0 | |
| kde | kde | 2.0.1 | |
| kde | kde | 2.0_beta | |
| kde | kde | 2.1 | |
| kde | kde | 2.1.1 | |
| kde | kde | 2.1.2 | |
| kde | kde | 2.1_beta1 | |
| kde | kde | 2.1_beta2 | |
| kde | kde | 2.2 | |
| kde | kde | 2.2.1 | |
| kde | kde | 2.2.2 | |
| kde | kde | 2.2_beta1 | |
| kde | kde | 3.0 | |
| kde | kde | 3.0.1 | |
| kde | kde | 3.0.2 | |
| kde | kde | 3.0.3 | |
| kde | kde | 3.0.3a | |
| kde | kde | 3.0.4 | |
| kde | kde | 3.0.5 | |
| kde | kde | 3.0.5a | |
| kde | kde | 3.0.5b | |
| kde | kde | 3.0_beta_1 | |
| kde | kde | 3.0_beta_2 | |
| kde | kde | 3.1 | |
| kde | kde | 3.1.0 | |
| kde | kde | 3.1.1 | |
| kde | kde | 3.1.1a | |
| kde | kde | 3.1.2 | |
| kde | kde | 3.1.3 | |
| kde | kde | 3.1.4 | |
| kde | kde | 3.1.5 | |
| kde | kde | 3.1_alpha1 | |
| kde | kde | 3.1_beta1 | |
| kde | kde | 3.1_beta2 | |
| kde | kde | 3.2 | |
| kde | kde | 3.2.0 | |
| kde | kde | 3.2.0_beta1 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.2.x | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.0 | |
| kde | kde | 3.3.1 | |
| kde | kde | 3.3.2 | |
| kde | kde | 3.3.x | |
| kde | kde | 3.4 | |
| kde | kde | 3.4.0 | |
| kde | kde | 3.4.1 | |
| kde | kde | 3.4.2 | |
| kde | kde | 3.4.3 | |
| kde | kde | 3.5 | |
| kde | kde | 3.5.0 | |
| kde | kde | 3.5.1 | |
| kde | kde | 3.5.2 | |
| kde | kde | 3.5.3 | |
| kde | kde | 3.5.4 | |
| kde | kde | 3.5.5 | |
| kde | kde | 3.5.6 | |
| kde | kde | 3.5.7 | |
| kde | kde | 3.5.8 | |
| kde | kde | 3.5.9 | |
| kde | kde | 3.5.10 | |
| kde | kde | 4.0.0 | |
| kde | kde | 4.0.1 | |
| kde | kde | 4.0.2 | |
| kde | kde | 4.0.3 | |
| kde | kde | 4.7.3 | |
| kde | kde | 4.9.0 | |
| kde | kde | 4.9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0444E6E8-9078-49B7-BABD-0F8228EC8966",
"versionEndIncluding": "4.9.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30661C23-9BE4-4F6E-AEB9-1B9D7DAA6FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B38F8C-9451-441B-BCD8-E41C1A2231DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D04A4717-229D-4E20-8FD2-DC13757B0AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F472ECE0-821E-4A20-B6FC-CC4FC5D1BA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D6767505-CFD5-4C66-A67A-4740E2994CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.x:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E69E24-DC1F-4B98-A87E-05043C43616D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6671EEE2-8CEC-41C7-9CF2-23D92A1B3DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F3ACDA-8DB4-4E59-B673-021CEBD03D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "FC14C38A-AAA8-463E-AA7C-F16C6CB3A3EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF4C94E-54BB-44DB-BB7D-841419C4D3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B292C704-EDFA-4060-90DF-0A3906DB0AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C9BFA6-4AB0-49ED-8413-55E6678B6275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "1CD88E0D-DF56-459D-AAE4-CD03E9CC7C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE9343-7A7F-4CB0-8CEF-52D61BD689C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D288C0E-8052-4198-AFA0-3DE20BB985FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "E107A931-B670-42A8-9F75-EEA0EF3D09B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E268EFFF-6B28-4C64-B052-AFA3BB1E709F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9B6CD2-7343-4D68-BEC6-A7BB0E0F0962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "21AC6FAB-45DF-4DE1-AADD-7DCA3AF0051E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0_beta_1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE64619-1AD6-4FBE-B201-73C565BB052F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0_beta_2:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF4F0D1-A718-4989-805C-DA7DBAE3647D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F98A556-D640-40F1-92C2-FC262F50F5C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EB3F5C-A86E-40E7-B9D7-E8DAB273D880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E2C256-8E9F-4D12-ABF4-FECE06B52CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBCF55E-336B-420E-A154-609C02BB9FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33AF934D-B51B-4A81-BC47-FFEAB9A62C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3096F2-B0F1-45E1-806D-6434DE56619A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5560AA-372B-4462-AFF8-8F27A980E507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4904CFFD-4CE1-4D65-A7BA-9B06E5B35D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1_alpha1:*:*:*:*:*:*:*",
"matchCriteriaId": "296D60E4-859E-458A-BDDA-A6265C020F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F6AD786-E68C-4952-90D4-3712560FAB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F628A0-E6F0-4843-9897-1B389853709B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73B53A48-E222-46D9-B84C-AC26DF6AB400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "666F5ADD-94D8-42C9-8A38-5D2F10CB213E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.x:*:*:*:*:*:*:*",
"matchCriteriaId": "44B5E71B-FBA8-472D-827F-078E337724E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB7C9F-48E2-4ACD-80CB-9559DE4C2BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.x:*:*:*:*:*:*:*",
"matchCriteriaId": "CB35C02B-9966-41CA-BB8F-61EACB777816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D600E27F-A1D6-42C7-8ED1-FD508F5B3AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29911CA1-ECFD-476F-8C85-EA0C6C143DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D17CEFEB-9166-4426-92E1-D8F61D5F5D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDBBFE2-D4C6-4466-A173-6AD716503953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAB6F78-1C7D-404C-87B7-E93E096CC3B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "67C992C7-E81D-443B-ACE8-B92F8A36C1FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAC287B-1AB4-43F3-AC26-EDA689A004B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5557D4-36B2-4975-A78E-99774DBCFB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "65CCBEC7-EF7F-43DB-892C-E9C93D3B3353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C3D851-540B-4F4C-BCC4-47F4C099D212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "32DF6E2C-221F-4F99-9D5B-C3E48AF7A9F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1E06B8C1-F186-4BC5-9C1D-DF5BC40FEDB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F38CD2-8531-403D-B522-389DD4F8C5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4060AC52-64EA-46E8-82EC-91F1040A4FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "82BE38B3-A061-49CD-8D37-488C8A45E720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA64B65F-541C-424E-9935-D02458056F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A4E8ADF-5A73-4B91-850F-D14DEE6221FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8F36E9E5-9DA7-4A34-B600-FC4B4B9014A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:4.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47765596-0EA4-4F55-95BE-D34EE192A437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:4.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1AEC46A1-1577-4836-B5B1-86CDA6705286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:4.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBAD70F4-54D8-48CD-936D-E4A4DE83BBD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to \"trying to reuse a frame with a null part.\""
},
{
"lang": "es",
"value": "rendering/render_replaced.cpp en Konqueror en KDE antes de v4.9.3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desreferencia puntero NULL) a trav\u00e9s de una p\u00e1gina web modificada, relacionado con \"tratar de volver a utilizar un marco con una parte nula\"."
}
],
"id": "CVE-2012-4514",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-11T13:00:51.493",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"source": "secalert@redhat.com",
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=65464349951e0df9b5d80c2eb3cc7458d54923ae"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"source": "secalert@redhat.com",
"url": "https://bugs.kde.org/show_bug.cgi?id=271528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=65464349951e0df9b5d80c2eb3cc7458d54923ae"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.kde.org/show_bug.cgi?id=271528"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-28 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2002-10/0164.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://online.securityfocus.com/archive/1/294991 | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10347.php | Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20021008-2.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/5951 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2002-10/0164.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://online.securityfocus.com/archive/1/294991 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10347.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20021008-2.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5951 | Exploit, Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "E107A931-B670-42A8-9F75-EEA0EF3D09B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter."
},
{
"lang": "es",
"value": "Vulnerablidad de atravesamiento de directorios en kpf de KDE 3.0.1 a 3.0.3a permite a atacantes remotos leer ficheros arbitrarios como el usuario de kpf."
}
],
"id": "CVE-2002-1224",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0164.html"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/294991"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10347.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021008-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0164.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/294991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10347.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021008-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5951"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-01-06 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.kde.org/?l=kde-devel&m=91560433413263&w=2 | Patch | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/1645 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.kde.org/?l=kde-devel&m=91560433413263&w=2 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/1645 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D54C9BCD-7544-4005-8F61-45C3EC054385",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices."
}
],
"id": "CVE-1999-1268",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-01-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.kde.org/?l=kde-devel\u0026m=91560433413263\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.kde.org/?l=kde-devel\u0026m=91560433413263\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1645"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/suse_security_announce_50.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/1206 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/suse_security_announce_50.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1206 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B38F8C-9451-441B-BCD8-E41C1A2231DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D04A4717-229D-4E20-8FD2-DC13757B0AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D6767505-CFD5-4C66-A67A-4740E2994CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "FC14C38A-AAA8-463E-AA7C-F16C6CB3A3EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The KDE kscd program does not drop privileges when executing a program specified in a user\u0027s SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute."
}
],
"id": "CVE-2000-0393",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_50.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_50.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1206"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/2005/dsa-660 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-009.html | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/19084 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9260 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-660 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-009.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/19084 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9260 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 3.0 | |
| kde | kde | 1.0 | |
| kde | kde | 1.1 | |
| kde | kde | 1.1.1 | |
| kde | kde | 1.1.2 | |
| kde | kde | 2.0 | |
| kde | kde | 2.0.1 | |
| kde | kde | 2.1 | |
| kde | kde | 2.1_beta1 | |
| kde | kde | 2.1_beta2 | |
| kde | kde | 2.2 | |
| kde | kde | 2.2.1 | |
| kde | kde | 2.2_beta1 | |
| kde | kde | 3.0 | |
| kde | kde | 3.0.1 | |
| kde | kde | 3.0.2 | |
| kde | kde | 3.0.3 | |
| kde | kde | 3.0.4 | |
| kde | kde | 3.0_beta_1 | |
| kde | kde | 3.0_beta_2 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | linux_advanced_workstation | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:woody:*:*:*:*:*",
"matchCriteriaId": "436B1E58-17E8-495B-A2DD-FB1626B9D35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30661C23-9BE4-4F6E-AEB9-1B9D7DAA6FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B38F8C-9451-441B-BCD8-E41C1A2231DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D04A4717-229D-4E20-8FD2-DC13757B0AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F472ECE0-821E-4A20-B6FC-CC4FC5D1BA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6671EEE2-8CEC-41C7-9CF2-23D92A1B3DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F3ACDA-8DB4-4E59-B673-021CEBD03D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C9BFA6-4AB0-49ED-8413-55E6678B6275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "1CD88E0D-DF56-459D-AAE4-CD03E9CC7C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE9343-7A7F-4CB0-8CEF-52D61BD689C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D288C0E-8052-4198-AFA0-3DE20BB985FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0_beta_1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE64619-1AD6-4FBE-B201-73C565BB052F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0_beta_2:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF4F0D1-A718-4989-805C-DA7DBAE3647D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F9BE3AC-B583-4AED-A940-E95F808D1BFB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session."
}
],
"id": "CVE-2005-0078",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-660"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-009.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19084"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9260"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-12-22 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/32208 | Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/securityalert/4796 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/31696 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2915 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/45804 | ||
| cve@mitre.org | https://www.exploit-db.com/exploits/6718 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32208 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/4796 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/31696 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2915 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/45804 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/6718 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F38CD2-8531-403D-B522-389DD4F8C5E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4060AC52-64EA-46E8-82EC-91F1040A4FCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:konqueror:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A65B798-C4F1-44BF-8B64-FDB7F234580B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "HTMLTokenizer::scriptHandler en Konqueror de KDE v3.5.9 y v3.5.10, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una llamada no v\u00e1lida a document.load, esto lanza que se use un objeto eliminado. NOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros."
}
],
"id": "CVE-2008-5698",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-12-22T15:30:00.640",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32208"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4796"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31696"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2915"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45804"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/6718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/6718"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat does not consider a crash of a client application such as Konqueror to be a security issue.",
"lastModified": "2009-01-19T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-05/0353.html | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/1274 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-05/0353.html | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1274 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B38F8C-9451-441B-BCD8-E41C1A2231DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D04A4717-229D-4E20-8FD2-DC13757B0AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F472ECE0-821E-4A20-B6FC-CC4FC5D1BA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D6767505-CFD5-4C66-A67A-4740E2994CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable."
}
],
"id": "CVE-2000-0460",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0353.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0353.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1274"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-01-09 00:28
Modified
2025-04-09 00:30
Severity ?
Summary
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://docs.info.apple.com/article.html?artnum=305214 | ||
| cve@mitre.org | http://projects.info-pull.com/moab/MOAB-06-01-2007.html | ||
| cve@mitre.org | http://secunia.com/advisories/23791 | ||
| cve@mitre.org | http://secunia.com/advisories/23799 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/23808 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/23813 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/23815 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/23839 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/23844 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/23876 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/24204 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/24479 | Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1017514 | ||
| cve@mitre.org | http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html | ||
| cve@mitre.org | http://www.kde.org/info/security/advisory-20070115-1.txt | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:018 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:019 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:021 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:024 | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2007_3_sr.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/457055/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/21910 | Exploit | |
| cve@mitre.org | http://www.securitytracker.com/id?1017749 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/usn-410-1 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/usn-410-2 | ||
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA07-072A.html | US Government Resource | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/0203 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/0212 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/0244 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/0930 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/31364 | ||
| cve@mitre.org | https://issues.rpath.com/browse/RPL-964 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://docs.info.apple.com/article.html?artnum=305214 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://projects.info-pull.com/moab/MOAB-06-01-2007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23791 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23799 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23808 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23813 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23815 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23839 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23844 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23876 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24204 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24479 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017514 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20070115-1.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:018 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:019 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:021 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:024 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_3_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/457055/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/21910 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1017749 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-410-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-410-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA07-072A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0203 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0212 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0244 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0930 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/31364 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-964 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A09900-C462-4E3D-9399-0271F91DC5BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl2:*:*:*:*:*:*:*",
"matchCriteriaId": "0E99D1B2-0FDB-4E39-84FD-B354F808651E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29911CA1-ECFD-476F-8C85-EA0C6C143DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D17CEFEB-9166-4426-92E1-D8F61D5F5D4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node."
},
{
"lang": "es",
"value": "La especificaci\u00f3n de Adobe PDF versi\u00f3n 1.3, implementada por (a) xpdf versi\u00f3n 3.0.1 parche 2, (b) kpdf en KDE anterior a versi\u00f3n 3.5.5, (c) poppler anterior a versi\u00f3n 0.5.4, y otros productos, permite a los atacantes remotos tener un impacto desconocido, posiblemente incluyendo la denegaci\u00f3n de servicio (bucle infinito), ejecuci\u00f3n de c\u00f3digo arbitraria, o corrupci\u00f3n de memoria , por medio de un archivo PDF con un (1) diccionario de cat\u00e1logo creado o (2) un atributo Pages creado que hace referencia a un nodo de \u00e1rbol de p\u00e1ginas no v\u00e1lido."
}
],
"id": "CVE-2007-0104",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-01-09T00:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"source": "cve@mitre.org",
"url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23791"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23799"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23808"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23813"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23815"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23839"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23844"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23876"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24204"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24479"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017514"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/21910"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017749"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-410-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-410-2"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0203"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0212"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0244"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/21910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-410-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-410-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-964"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not Vulnerable. This flaw is the result of an infinite recursion flaw in xpdf, which cannot result in arbitrary code execution.",
"lastModified": "2007-01-15T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-11-18 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30661C23-9BE4-4F6E-AEB9-1B9D7DAA6FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable."
}
],
"id": "CVE-1999-0782",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-11-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-01-20 21:03
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff | Patch | |
| secalert@redhat.com | http://secunia.com/advisories/18500 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/18540 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/18552 | ||
| secalert@redhat.com | http://secunia.com/advisories/18559 | ||
| secalert@redhat.com | http://secunia.com/advisories/18561 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/18570 | ||
| secalert@redhat.com | http://secunia.com/advisories/18583 | ||
| secalert@redhat.com | http://secunia.com/advisories/18899 | ||
| secalert@redhat.com | http://securityreason.com/securityalert/364 | ||
| secalert@redhat.com | http://securitytracker.com/id?1015512 | ||
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.361107 | ||
| secalert@redhat.com | http://www.debian.org/security/2006/dsa-948 | Vendor Advisory | |
| secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml | ||
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20060119-1.txt | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:019 | ||
| secalert@redhat.com | http://www.osvdb.org/22659 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0184.html | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/422464/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/422489/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/427976/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/16325 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/usn-245-1 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2006/0265 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/24242 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11858 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18500 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18540 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18552 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18559 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18561 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18570 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18583 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18899 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/364 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.361107 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-948 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20060119-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:019 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/22659 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0184.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/422464/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/422489/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427976/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16325 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-245-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0265 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/24242 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11858 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73B53A48-E222-46D9-B84C-AC26DF6AB400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "666F5ADD-94D8-42C9-8A38-5D2F10CB213E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.x:*:*:*:*:*:*:*",
"matchCriteriaId": "44B5E71B-FBA8-472D-827F-078E337724E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB7C9F-48E2-4ACD-80CB-9559DE4C2BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.x:*:*:*:*:*:*:*",
"matchCriteriaId": "CB35C02B-9966-41CA-BB8F-61EACB777816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D600E27F-A1D6-42C7-8ED1-FD508F5B3AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDBBFE2-D4C6-4466-A173-6AD716503953",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI."
}
],
"id": "CVE-2006-0019",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-01-20T21:03:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18500"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18540"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18552"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18559"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18561"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18570"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18583"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18899"
},
{
"source": "secalert@redhat.com",
"url": "http://securityreason.com/securityalert/364"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1015512"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.361107"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-948"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20060119-1.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:019"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/22659"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0184.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/422464/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/422489/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/16325"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-245-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/0265"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24242"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.361107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20060119-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0184.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/422464/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/422489/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-245-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11858"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-27 22:04
Modified
2025-04-03 01:03
Severity ?
Summary
kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177755 | ||
| secalert@redhat.com | http://secunia.com/advisories/21203 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://securitytracker.com/id?1016571 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0576.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/19152 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10535 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177755 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21203 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016571 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0576.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/19152 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10535 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | 3.1.2 | |
| kde | kde | 3.1.3 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33AF934D-B51B-4A81-BC47-FFEAB9A62C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3096F2-B0F1-45E1-806D-6434DE56619A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop."
},
{
"lang": "es",
"value": "kdesktop_lock en kdebase versiones anteriores a 3.1.3-5.11 para KDE en Red Hat Enterprise Linux (RHEL) 3 no termina apropiadamente, lo cual puede impedir que el salva-pantallas se active, o impedir que los usuarios bloqueen manualmente el escritorio."
}
],
"id": "CVE-2006-2933",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-27T22:04:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177755"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21203"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1016571"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0576.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/19152"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0576.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10535"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-11 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt | ||
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000525 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103175850925395&w=2 | ||
| cve@mitre.org | http://www.debian.org/security/2002/dsa-167 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.iss.net/security_center/static/10039.php | Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20020908-2.txt | ||
| cve@mitre.org | http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-064.php | ||
| cve@mitre.org | http://www.osvdb.org/7867 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-221.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/5689 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000525 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103175850925395&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2002/dsa-167 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10039.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20020908-2.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-064.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/7867 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-221.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5689 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:konqueror:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D435E39F-4F70-481B-9225-B072B79BEB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD68BAB-8945-4A22-938E-12C01D0111D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3220BF-B0AF-4C90-89BD-B425EE58021D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA53FB7A-AF7F-45B2-AF23-11B1FC4EC289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "619EB7F6-8694-4344-A4C9-A35DA58391AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains."
},
{
"lang": "es",
"value": "La protecci\u00f3n de ejecuci\u00f3n de secuencias de comandos (scripts) en sitios cruzados en Konqueror 2.2.2 y 3.0 a 3.0.3 no inicializa adecuandamente los dominios en sub-marcos y sub-iframes (marcos incrustados), lo que puede permitir que atacantes remotos ejecuten comandos y roben cookies de submarcos que est\u00e1n en otros dominios."
}
],
"id": "CVE-2002-1151",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000525"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103175850925395\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-167"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10039.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20020908-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-064.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7867"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-221.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103175850925395\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10039.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20020908-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-064.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-221.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5689"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-15 10:02
Modified
2025-04-03 01:03
Severity ?
Summary
KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://secunia.com/advisories/20602 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/20660 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/20674 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/20702 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/20785 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/20869 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/20890 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/21662 | Vendor Advisory | |
| secalert@redhat.com | http://securitytracker.com/id?1016297 | ||
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.444467 | ||
| secalert@redhat.com | http://www.debian.org/security/2006/dsa-1156 | Vendor Advisory | |
| secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200606-23.xml | ||
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20060614-1.txt | Vendor Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:105 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:106 | ||
| secalert@redhat.com | http://www.novell.com/linux/security/advisories/2006_39_kdm.html | Vendor Advisory | |
| secalert@redhat.com | http://www.osvdb.org/26511 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0548.html | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/437133/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/437322/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/18431 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2006/2355 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/27181 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9844 | ||
| secalert@redhat.com | https://usn.ubuntu.com/301-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20602 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20660 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20674 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20702 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20785 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20869 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20890 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21662 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016297 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.444467 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1156 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200606-23.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20060614-1.txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:105 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:106 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2006_39_kdm.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/26511 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0548.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/437133/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/437322/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/18431 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/2355 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/27181 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9844 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/301-1/ |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29911CA1-ECFD-476F-8C85-EA0C6C143DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D17CEFEB-9166-4426-92E1-D8F61D5F5D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "67C992C7-E81D-443B-ACE8-B92F8A36C1FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAC287B-1AB4-43F3-AC26-EDA689A004B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login."
},
{
"lang": "es",
"value": "KDE Display Manager (KDM) en KDE v3.2.0 a v3.5.3 permite a usuarios locales leer archivos de su elecci\u00f3n mediante un ataque de enlaces simb\u00f3licos relaciado con el tipo de sesi\u00f3n elegido en el inicio de sesi\u00f3n\r\n"
}
],
"evaluatorSolution": "Vendor links provide patches for each version affected.",
"id": "CVE-2006-2449",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-15T10:02:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20602"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20660"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20674"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20702"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20785"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20869"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20890"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21662"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1016297"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.444467"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-1156"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-23.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20060614-1.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:105"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:106"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2006_39_kdm.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/26511"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0548.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/437133/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/437322/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/18431"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/2355"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27181"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9844"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/301-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20869"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.444467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-1156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20060614-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2006_39_kdm.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/26511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0548.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437133/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437322/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/301-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-10-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html | ||
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=106374551513499&w=2 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-388 | ||
| cve@mitre.org | http://www.debian.org/security/2004/dsa-443 | ||
| cve@mitre.org | http://www.kde.org/info/security/advisory-20030916-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2003:091 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-270.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-286.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-287.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-288.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-289.html | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A193 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=106374551513499&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-388 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-443 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20030916-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2003:091 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-270.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-286.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-287.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-288.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-289.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A193 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | 1.1 | |
| kde | kde | 1.1.1 | |
| kde | kde | 1.1.2 | |
| kde | kde | 1.2 | |
| kde | kde | 2.0 | |
| kde | kde | 2.0.1 | |
| kde | kde | 2.0_beta | |
| kde | kde | 2.1 | |
| kde | kde | 2.1.1 | |
| kde | kde | 2.1.2 | |
| kde | kde | 2.2 | |
| kde | kde | 2.2.1 | |
| kde | kde | 2.2.2 | |
| kde | kde | 3.0 | |
| kde | kde | 3.0.1 | |
| kde | kde | 3.0.2 | |
| kde | kde | 3.0.3 | |
| kde | kde | 3.0.3a | |
| kde | kde | 3.0.4 | |
| kde | kde | 3.0.5 | |
| kde | kde | 3.0.5a | |
| kde | kde | 3.0.5b | |
| kde | kde | 3.1 | |
| kde | kde | 3.1.1 | |
| kde | kde | 3.1.1a | |
| kde | kde | 3.1.2 | |
| kde | kde | 3.1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B38F8C-9451-441B-BCD8-E41C1A2231DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D04A4717-229D-4E20-8FD2-DC13757B0AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F472ECE0-821E-4A20-B6FC-CC4FC5D1BA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D6767505-CFD5-4C66-A67A-4740E2994CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6671EEE2-8CEC-41C7-9CF2-23D92A1B3DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F3ACDA-8DB4-4E59-B673-021CEBD03D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "FC14C38A-AAA8-463E-AA7C-F16C6CB3A3EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF4C94E-54BB-44DB-BB7D-841419C4D3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B292C704-EDFA-4060-90DF-0A3906DB0AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE9343-7A7F-4CB0-8CEF-52D61BD689C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "E107A931-B670-42A8-9F75-EEA0EF3D09B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E268EFFF-6B28-4C64-B052-AFA3BB1E709F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9B6CD2-7343-4D68-BEC6-A7BB0E0F0962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "21AC6FAB-45DF-4DE1-AADD-7DCA3AF0051E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F98A556-D640-40F1-92C2-FC262F50F5C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E2C256-8E9F-4D12-ABF4-FECE06B52CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBCF55E-336B-420E-A154-609C02BB9FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33AF934D-B51B-4A81-BC47-FFEAB9A62C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3096F2-B0F1-45E1-806D-6434DE56619A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module."
},
{
"lang": "es",
"value": "KDM en KDE 3.1.3 y anteriores no verifica si la llamada a la funci\u00f3n pam_setcred tiene \u00e9xito, lo que podr\u00eda permitir a atacantes ganar privilegios de root disparando condiciones de error en m\u00f3dulo PAM, como se demostr\u00f3 en ciertas configuraciones del m\u00f3dulo pam_krb5 del MIT."
}
],
"id": "CVE-2003-0690",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-10-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106374551513499\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-388"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-443"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20030916-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:091"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-270.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-286.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-287.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-289.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106374551513499\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20030916-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-270.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-286.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-287.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-289.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A193"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-02-17 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000810 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=107412130407906&w=2 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200404-02.xml | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/820798 | US Government Resource | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20040114-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-005.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-006.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/9419 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/14833 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A858 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A865 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000810 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=107412130407906&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200404-02.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/820798 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20040114-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-005.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/9419 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/14833 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A858 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A865 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EB3F5C-A86E-40E7-B9D7-E8DAB273D880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E2C256-8E9F-4D12-ABF4-FECE06B52CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33AF934D-B51B-4A81-BC47-FFEAB9A62C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3096F2-B0F1-45E1-806D-6434DE56619A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el lector de informaci\u00f3n de ficheros VCF del paquete KDE Personal Information Manager (kdepim) en KDE 3.1.0 a 3.1.4 permite a atacantes ejecutar c\u00f3digo arbitrario mediante un fichero VCF."
}
],
"id": "CVE-2003-0988",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-02-17T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000810"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107412130407906\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200404-02.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/820798"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20040114-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9419"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14833"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A858"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107412130407906\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200404-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/820798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20040114-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A865"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-05-05 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.kde.org/show_bug.cgi?id=53343 | ||
| cve@mitre.org | http://bugs.kde.org/show_bug.cgi?id=56808 | ||
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000668 | ||
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=105001557020141&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=105012994719099&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=105017403010459&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=105034222521369&w=2 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-284 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.debian.org/security/2003/dsa-293 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-296 | ||
| cve@mitre.org | http://www.kde.org/info/security/advisory-20030409-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2003:049 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.kde.org/show_bug.cgi?id=53343 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.kde.org/show_bug.cgi?id=56808 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000668 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=105001557020141&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=105012994719099&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=105017403010459&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=105034222521369&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-284 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-293 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-296 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20030409-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2003:049 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-002.html |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6671EEE2-8CEC-41C7-9CF2-23D92A1B3DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F3ACDA-8DB4-4E59-B673-021CEBD03D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF4C94E-54BB-44DB-BB7D-841419C4D3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B292C704-EDFA-4060-90DF-0A3906DB0AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE9343-7A7F-4CB0-8CEF-52D61BD689C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "E107A931-B670-42A8-9F75-EEA0EF3D09B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E268EFFF-6B28-4C64-B052-AFA3BB1E709F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9B6CD2-7343-4D68-BEC6-A7BB0E0F0962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F98A556-D640-40F1-92C2-FC262F50F5C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E2C256-8E9F-4D12-ABF4-FECE06B52CAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer."
},
{
"lang": "es",
"value": "KDE 2 y KDE 3.1.1 y versiones 3.x anteriores permiten a atacantes ejecutar comandos arbitrarios mediante ficheros PostScript (PS) o PDF, relacionado con la falta de argumentos -dSAFER y -dPARANOIDSAFER"
}
],
"id": "CVE-2003-0204",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-05-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.kde.org/show_bug.cgi?id=53343"
},
{
"source": "cve@mitre.org",
"url": "http://bugs.kde.org/show_bug.cgi?id=56808"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000668"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105001557020141\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105012994719099\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105017403010459\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105034222521369\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-284"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-293"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-296"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20030409-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:049"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.kde.org/show_bug.cgi?id=53343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.kde.org/show_bug.cgi?id=56808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105001557020141\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105012994719099\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105017403010459\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105034222521369\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20030409-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-002.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-08 19:15
Modified
2024-11-21 01:43
Severity ?
Summary
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html | Exploit, Third Party Advisory | |
| secalert@redhat.com | http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352 | Broken Link, Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1416.html | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1418.html | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/51097 | Not Applicable, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/51145 | Not Applicable, Third Party Advisory | |
| secalert@redhat.com | http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/10/11/11 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/10/30/6 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.securitytracker.com/id?1027709 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1416.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1418.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51097 | Not Applicable, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51145 | Not Applicable, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/11/11 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/30/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027709 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | 4.7.3 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_server_eus | 6.3 | |
| redhat | enterprise_linux_workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:kde:4.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "04215333-2CD6-4A05-A628-7A368327B838",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "413CC30E-5FFE-47A4-B38B-80E3A9B13238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to \"type confusion.\""
},
{
"lang": "es",
"value": "El analizador CSS (archivo khtml/css/cssparser.cpp) en Konqueror en KDE versi\u00f3n 4.7.3, permite a atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) y posiblemente leer la memoria por medio de una fuente font face dise\u00f1ada, relacionada con \"type confusion.\""
}
],
"id": "CVE-2012-4512",
"lastModified": "2024-11-21T01:43:02.233",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-08T19:15:10.473",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=a872c8a969a8bd3706253d6ba24088e4f07f3352"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1416.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1418.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51097"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51145"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1027709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=a872c8a969a8bd3706253d6ba24088e4f07f3352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1416.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1418.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1027709"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.kde.org/show_bug.cgi?id=96020 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/14925 | Vendor Advisory | |
| cve@mitre.org | http://www.securiteam.com/unixfocus/5GP0B0AFFE.html | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.kde.org/show_bug.cgi?id=96020 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/14925 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securiteam.com/unixfocus/5GP0B0AFFE.html | Exploit, Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kmail:kmail:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A330E4-EF4F-44D4-B817-13E532CD9047",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email."
}
],
"id": "CVE-2005-0404",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=96020"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14925"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securiteam.com/unixfocus/5GP0B0AFFE.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=96020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securiteam.com/unixfocus/5GP0B0AFFE.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.kde.org/show_bug.cgi?id=102328 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/14908 | Patch, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/28114 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1 | ||
| cve@mitre.org | http://www.debian.org/security/2005/dsa-714 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20050421-1.txt | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-393.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/427976/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/13096 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2005/0331 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/4241 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11081 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5802 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.kde.org/show_bug.cgi?id=102328 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/14908 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28114 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-714 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20050421-1.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-393.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427976/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/13096 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/0331 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/4241 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11081 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5802 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D600E27F-A1D6-42C7-8ED1-FD508F5B3AB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file."
}
],
"id": "CVE-2005-1046",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=102328"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14908"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28114"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-714"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20050421-1.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-393.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/13096"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/0331"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/4241"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11081"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://bugs.kde.org/show_bug.cgi?id=102328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20050421-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-393.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/0331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5802"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-07-26 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@debian.org | http://lwn.net/Articles/144724/ | Patch, Vendor Advisory | |
| security@debian.org | http://marc.info/?l=bugtraq&m=112198499417250&w=2 | ||
| security@debian.org | http://secunia.com/advisories/16140 | Vendor Advisory | |
| security@debian.org | http://secunia.com/advisories/16155 | Vendor Advisory | |
| security@debian.org | http://secunia.com/advisories/16211 | Vendor Advisory | |
| security@debian.org | http://secunia.com/advisories/16242 | Vendor Advisory | |
| security@debian.org | http://security.gentoo.org/glsa/glsa-200507-23.xml | Patch, Vendor Advisory | |
| security@debian.org | http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml | ||
| security@debian.org | http://www.kde.org/info/security/advisory-20050721-1.txt | Patch, Vendor Advisory | |
| security@debian.org | http://www.novell.com/linux/security/advisories/2005_19_sr.html | ||
| security@debian.org | http://www.redhat.com/support/errata/RHSA-2005-639.html | ||
| security@debian.org | http://www.securityfocus.com/bid/14345 | Patch | |
| security@debian.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lwn.net/Articles/144724/ | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=112198499417250&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/16140 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/16155 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/16211 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/16242 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200507-23.xml | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20050721-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_19_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-639.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/14345 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ekg | ekg | 1.0 | |
| ekg | ekg | 1.0_rc2 | |
| ekg | ekg | 1.0_rc3 | |
| ekg | ekg | 1.1 | |
| ekg | ekg | 1.1_rc1 | |
| ekg | ekg | 1.1_rc2 | |
| ekg | ekg | 1.3 | |
| ekg | ekg | 1.4 | |
| ekg | ekg | 1.5 | |
| ekg | ekg | 1.5_rc1 | |
| ekg | ekg | 1.5_rc2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| kde | kde | 3.3.2 | |
| kde | kde | 3.4 | |
| kde | kde | 3.4.0 | |
| kde | kde | 3.4.1 | |
| centericq | centericq | * | |
| kadu | kadu | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ekg:ekg:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13F32A39-4443-46C9-8E14-08AA59BC1CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.0_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "6531EE56-D685-4276-A911-E69C80F86561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.0_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "28012535-7CAD-456E-86A5-649CF21E28F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74A32270-8C65-4ED4-96CB-B389B97587A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.1_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A305C4-F461-429D-90F8-3FCC04D07635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.1_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF945FFF-C0D9-4C56-8B43-3ABE9530E939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17988E27-6C98-48B4-8779-4EF69E8DBD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "12FCB0EE-8BCE-4E68-B78D-A57E8E9DEC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D723B90C-9746-4F94-A8A3-273240A2CBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.5_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2E4CA2-0024-4F4E-AB1C-328539E17451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.5_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "FAC21287-D631-4836-9945-9673A2BC9C7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D600E27F-A1D6-42C7-8ED1-FD508F5B3AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:centericq:centericq:*:*:*:*:*:*:*:*",
"matchCriteriaId": "865F252C-CC39-47D8-BCFD-66E3E331E514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kadu:kadu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0215DF17-C015-41E1-91F0-9D216209105C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en libgadu, usado en Kopete en KDE 3.2.3 hasta la 3.4.1, ekg anteriores a 1.6rc3, GNU Gadu, CenterICQ, Kadu, y otros paquetes, permite que atacantes remotos causen una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecuten c\u00f3digo arbitrario mediante un mensaje de entrada."
}
],
"id": "CVE-2005-1852",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-07-26T04:00:00.000",
"references": [
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"source": "security@debian.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16140"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16155"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16211"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16242"
},
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"source": "security@debian.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"source": "security@debian.org",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"source": "security@debian.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"source": "security@debian.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-13 13:29
Modified
2025-04-20 01:37
Severity ?
Summary
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://commits.kde.org/kmail/78c5552be2f00a4ac25bd77ca39386522fca70a8 | Mailing List, Patch, Tool Signature | |
| cve@mitre.org | https://commits.kde.org/messagelib/c54706e990bbd6498e7b1597ec7900bc809e8197 | Mailing List, Patch, Tool Signature | |
| af854a3a-2127-422b-91ae-364da2661108 | https://commits.kde.org/kmail/78c5552be2f00a4ac25bd77ca39386522fca70a8 | Mailing List, Patch, Tool Signature | |
| af854a3a-2127-422b-91ae-364da2661108 | https://commits.kde.org/messagelib/c54706e990bbd6498e7b1597ec7900bc809e8197 | Mailing List, Patch, Tool Signature |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:kmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE05B36-25E9-45C3-B954-23274FF27E23",
"versionEndIncluding": "5.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:messagelib:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB5A70C-A555-4661-AD17-FFD7B8401A76",
"versionEndIncluding": "5.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "65A3F3E7-0DD1-44DE-BE29-72C6CEA77327",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin\u0027s sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network."
},
{
"lang": "es",
"value": "KDE kmail anterior a la 5.5.2 y messagelib anterior a la 5.5.2, como distribuciones en aplicaciones KDE anteriores a la 17.04.2, no asegura que la acci\u00f3n de firma del plugin ocurre durante el uso de la caracter\u00edstica Send Later, lo que permite a un atacante remoto obtener informaci\u00f3n sensible mediante la observaci\u00f3n de la red."
}
],
"id": "CVE-2017-9604",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-13T13:29:00.220",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Tool Signature"
],
"url": "https://commits.kde.org/kmail/78c5552be2f00a4ac25bd77ca39386522fca70a8"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Tool Signature"
],
"url": "https://commits.kde.org/messagelib/c54706e990bbd6498e7b1597ec7900bc809e8197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Tool Signature"
],
"url": "https://commits.kde.org/kmail/78c5552be2f00a4ac25bd77ca39386522fca70a8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Tool Signature"
],
"url": "https://commits.kde.org/messagelib/c54706e990bbd6498e7b1597ec7900bc809e8197"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-311"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html | Exploit, Vendor Advisory | |
| secalert@redhat.com | http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031460.html | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/14162 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20050316-2.txt | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2005:058 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-325.html | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/427976/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/12461 | ||
| secalert@redhat.com | http://www.shmoo.com/idn | Exploit | |
| secalert@redhat.com | http://www.shmoo.com/idn/homograph.txt | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/19236 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10671 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031460.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/14162 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20050316-2.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:058 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-325.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427976/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/12461 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.shmoo.com/idn | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.shmoo.com/idn/homograph.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/19236 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10671 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:konqueror:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0172B167-5780-4F80-ACC9-2FB8B60D6717",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks."
}
],
"id": "CVE-2005-0237",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031460.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14162"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050316-2.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-325.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/12461"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.shmoo.com/idn"
},
{
"source": "secalert@redhat.com",
"url": "http://www.shmoo.com/idn/homograph.txt"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031460.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050316-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-325.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.shmoo.com/idn"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.shmoo.com/idn/homograph.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10671"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-04-29 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/9121 | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/92 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/1643 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/9121 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/1643 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D54C9BCD-7544-4005-8F61-45C3EC054385",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument."
}
],
"id": "CVE-1999-1106",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-04-29T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/9121"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/92"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/9121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1643"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-28 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1 | ||
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/n-155.shtml | ||
| cve@mitre.org | http://www.iss.net/security_center/static/11319.php | Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20021008-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-220.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/n-155.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/11319.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20021008-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-220.html | Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B38F8C-9451-441B-BCD8-E41C1A2231DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "E107A931-B670-42A8-9F75-EEA0EF3D09B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el procesador (parser) DSC 3.0 de GSView usado en KGhostView en KDE 1.1 y KDE 3.0.3a, puede permitir a atacantes causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo arbitrario mediante un fichero de entrada PostScript (.ps) modificado."
}
],
"id": "CVE-2002-1223",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/n-155.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/11319.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021008-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/n-155.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/11319.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021008-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-04-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:042 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:043 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:044 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:056 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-034.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-053.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-057.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-132.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-213.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/11501 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17818 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:042 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:043 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:044 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:056 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-034.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-053.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-057.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-132.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-213.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11501 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17818 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ascii | ptex | 3.1.4 | |
| cstex | cstetex | 2.0.2 | |
| easy_software_products | cups | 1.0.4 | |
| easy_software_products | cups | 1.0.4_8 | |
| easy_software_products | cups | 1.1.1 | |
| easy_software_products | cups | 1.1.4 | |
| easy_software_products | cups | 1.1.4_2 | |
| easy_software_products | cups | 1.1.4_3 | |
| easy_software_products | cups | 1.1.4_5 | |
| easy_software_products | cups | 1.1.6 | |
| easy_software_products | cups | 1.1.7 | |
| easy_software_products | cups | 1.1.10 | |
| easy_software_products | cups | 1.1.12 | |
| easy_software_products | cups | 1.1.13 | |
| easy_software_products | cups | 1.1.14 | |
| easy_software_products | cups | 1.1.15 | |
| easy_software_products | cups | 1.1.16 | |
| easy_software_products | cups | 1.1.17 | |
| easy_software_products | cups | 1.1.18 | |
| easy_software_products | cups | 1.1.19 | |
| easy_software_products | cups | 1.1.19_rc5 | |
| easy_software_products | cups | 1.1.20 | |
| gnome | gpdf | 0.110 | |
| gnome | gpdf | 0.112 | |
| gnome | gpdf | 0.131 | |
| kde | koffice | 1.3 | |
| kde | koffice | 1.3.1 | |
| kde | koffice | 1.3.2 | |
| kde | koffice | 1.3.3 | |
| kde | koffice | 1.3_beta1 | |
| kde | koffice | 1.3_beta2 | |
| kde | koffice | 1.3_beta3 | |
| kde | kpdf | 3.2 | |
| pdftohtml | pdftohtml | 0.32a | |
| pdftohtml | pdftohtml | 0.32b | |
| pdftohtml | pdftohtml | 0.33 | |
| pdftohtml | pdftohtml | 0.33a | |
| pdftohtml | pdftohtml | 0.34 | |
| pdftohtml | pdftohtml | 0.35 | |
| pdftohtml | pdftohtml | 0.36 | |
| sgi | propack | 3.0 | |
| tetex | tetex | 1.0.6 | |
| tetex | tetex | 1.0.7 | |
| tetex | tetex | 2.0 | |
| tetex | tetex | 2.0.1 | |
| tetex | tetex | 2.0.2 | |
| xpdf | xpdf | 0.90 | |
| xpdf | xpdf | 0.91 | |
| xpdf | xpdf | 0.92 | |
| xpdf | xpdf | 0.93 | |
| xpdf | xpdf | 1.0 | |
| xpdf | xpdf | 1.0a | |
| xpdf | xpdf | 1.1 | |
| xpdf | xpdf | 2.0 | |
| xpdf | xpdf | 2.1 | |
| xpdf | xpdf | 2.3 | |
| xpdf | xpdf | 3.0 | |
| sgi | advanced_linux_environment | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| gentoo | linux | * | |
| kde | kde | 3.2 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_1.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 | |
| redhat | linux | 9.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 2.0 | |
| suse | suse_linux | 3.0 | |
| suse | suse_linux | 4.0 | |
| suse | suse_linux | 4.2 | |
| suse | suse_linux | 4.3 | |
| suse | suse_linux | 4.4 | |
| suse | suse_linux | 4.4.1 | |
| suse | suse_linux | 5.0 | |
| suse | suse_linux | 5.1 | |
| suse | suse_linux | 5.2 | |
| suse | suse_linux | 5.3 | |
| suse | suse_linux | 6.0 | |
| suse | suse_linux | 6.1 | |
| suse | suse_linux | 6.1 | |
| suse | suse_linux | 6.2 | |
| suse | suse_linux | 6.3 | |
| suse | suse_linux | 6.3 | |
| suse | suse_linux | 6.3 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.1 | |
| suse | suse_linux | 7.1 | |
| suse | suse_linux | 7.1 | |
| suse | suse_linux | 7.1 | |
| suse | suse_linux | 7.1 | |
| suse | suse_linux | 7.2 | |
| suse | suse_linux | 7.2 | |
| suse | suse_linux | 7.3 | |
| suse | suse_linux | 7.3 | |
| suse | suse_linux | 7.3 | |
| suse | suse_linux | 7.3 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 | |
| suse | suse_linux | 9.2 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ascii:ptex:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE020D3-0F38-4F53-AFB7-B4E98EAC659F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cstex:cstetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E16058D9-AC8B-4A7C-865F-93B476348363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.110:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB6AE42-D493-43E5-A97C-76C8450E5881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*",
"matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*",
"matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*",
"matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*",
"matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "739A56F5-B19A-4B92-B9CB-04ECE4FFE204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:advanced_linux_environment:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A05AC3EE-6292-4ECC-9680-048A12FCE723",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*",
"matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
"matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
"matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
"matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
},
{
"lang": "es",
"value": "El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podr\u00eda dejar a los usuarios de Xpdf expuestos a las vulnerabilidades originales."
}
],
"id": "CVE-2005-0206",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-04-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-07 20:19
Modified
2025-04-09 00:30
Severity ?
Summary
Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0293.html | Exploit | |
| cve@mitre.org | http://secunia.com/advisories/24889 | Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/securityalert/2347 | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2007_6_sr.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/448766/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/448768/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/20539 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/29557 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0293.html | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24889 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/2347 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_6_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/448766/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/448768/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/20539 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/29557 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "67C992C7-E81D-443B-ACE8-B92F8A36C1FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:k-mail:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "925F378D-19C9-47BA-A769-C1888A39DB3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kmail 1.9.1 on KDE 3.5.2, with \"Prefer HTML to Plain Text\" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations."
},
{
"lang": "es",
"value": "Kmail 1.9.1 en el KDE 3.5.2, con el \"Preferencia de HTML frente al Texto Plano\" habilitado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante un e-mail HTML con ciertas tables y etiquetas frameset lo que disparan un fallo de segmentaci\u00f3n, posiblemente involucrando operaciones no v\u00e1lidas de borrado o libres."
}
],
"id": "CVE-2006-7139",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-03-07T20:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0293.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24889"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2347"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/448766/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/448768/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20539"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0293.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/448766/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/448768/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29557"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. Our testing found that this issue did not affect the versions of Kmail as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.",
"lastModified": "2007-03-08T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=109225538901170&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/12276 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200408-13.xml | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/330638 | US Government Resource | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20040811-2.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:086 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/10924 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/16962 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109225538901170&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/12276 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200408-13.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/330638 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20040811-2.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:086 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/10924 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/16962 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory."
},
{
"lang": "es",
"value": "El servidor DCOP en KDE 3.2.3 y anteriores permite a usuarios locales ganar acceso autorizado mediante un ataque de enlaces simb\u00f3licos en ficheros DCOP en el directorio /tmp."
}
],
"id": "CVE-2004-0690",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109225538901170\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12276"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/330638"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20040811-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:086"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10924"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109225538901170\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/330638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20040811-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16962"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=109779465621929&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/12818 | ||
| cve@mitre.org | http://securitytracker.com/id?1011674 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 | ||
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/p-015.shtml | ||
| cve@mitre.org | http://www.debian.org/security/2004/dsa-567 | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/687568 | US Government Resource | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20041209-2.txt | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:109 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2004_38_libtiff.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-577.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-021.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/11406 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://www.trustix.org/errata/2004/0054/ | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17715 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109779465621929&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/12818 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1011674 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/p-015.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-567 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/687568 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20041209-2.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:109 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2004_38_libtiff.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-577.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-021.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11406 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2004/0054/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17715 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libtiff | libtiff | 3.4 | |
| libtiff | libtiff | 3.5.1 | |
| libtiff | libtiff | 3.5.2 | |
| libtiff | libtiff | 3.5.3 | |
| libtiff | libtiff | 3.5.4 | |
| libtiff | libtiff | 3.5.5 | |
| libtiff | libtiff | 3.5.7 | |
| libtiff | libtiff | 3.6.0 | |
| libtiff | libtiff | 3.6.1 | |
| pdflib | pdf_library | 5.0.2 | |
| wxgtk2 | wxgtk2 | * | |
| wxgtk2 | wxgtk2 | 2.5_.0 | |
| apple | mac_os_x | 10.2 | |
| apple | mac_os_x | 10.2.1 | |
| apple | mac_os_x | 10.2.2 | |
| apple | mac_os_x | 10.2.3 | |
| apple | mac_os_x | 10.2.4 | |
| apple | mac_os_x | 10.2.5 | |
| apple | mac_os_x | 10.2.6 | |
| apple | mac_os_x | 10.2.7 | |
| apple | mac_os_x | 10.2.8 | |
| apple | mac_os_x | 10.3 | |
| apple | mac_os_x | 10.3.1 | |
| apple | mac_os_x | 10.3.2 | |
| apple | mac_os_x | 10.3.3 | |
| apple | mac_os_x | 10.3.4 | |
| apple | mac_os_x | 10.3.5 | |
| apple | mac_os_x | 10.3.6 | |
| apple | mac_os_x_server | 10.2 | |
| apple | mac_os_x_server | 10.2.1 | |
| apple | mac_os_x_server | 10.2.2 | |
| apple | mac_os_x_server | 10.2.3 | |
| apple | mac_os_x_server | 10.2.4 | |
| apple | mac_os_x_server | 10.2.5 | |
| apple | mac_os_x_server | 10.2.6 | |
| apple | mac_os_x_server | 10.2.7 | |
| apple | mac_os_x_server | 10.2.8 | |
| apple | mac_os_x_server | 10.3 | |
| apple | mac_os_x_server | 10.3.1 | |
| apple | mac_os_x_server | 10.3.2 | |
| apple | mac_os_x_server | 10.3.3 | |
| apple | mac_os_x_server | 10.3.4 | |
| apple | mac_os_x_server | 10.3.5 | |
| apple | mac_os_x_server | 10.3.6 | |
| kde | kde | 3.2 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| trustix | secure_linux | 1.5 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "261FAE51-5207-4136-9FFE-2330A281266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B32C83B9-F7DA-450A-A687-9A73734CD712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9485283A-B73E-4567-914A-42A86F5FFCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95892168-0FB6-4E3F-9303-2F9B3CF60D2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5021564-5E0A-4DDC-BC68-200B6050043E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "19AA66E5-FDDD-4243-B945-DFEBDD25F258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C8C550-3313-4266-B4B3-E9E9047CFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdflib:pdf_library:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A70D7A-D552-49A4-9E6F-B014BF195D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wxgtk2:wxgtk2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6613FA38-E5C4-4BE8-8994-C00AB68A266B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wxgtk2:wxgtk2:2.5_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2814035-2888-43B9-B597-2CBF17C56FD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35932546-B614-47C0-98E6-8EF1EFE06725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "38F17066-C090-4DD7-A1AC-D8FF70D268CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls."
}
],
"id": "CVE-2004-0886",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12818"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1011674"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/p-015.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/687568"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2004/0054/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1011674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/p-015.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/687568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2004/0054/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-11-18 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30661C23-9BE4-4F6E-AEB9-1B9D7DAA6FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file."
}
],
"id": "CVE-1999-0780",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-11-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-21 19:17
Modified
2025-04-09 00:30
Severity ?
Summary
backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html | ||
| secalert@redhat.com | http://secunia.com/advisories/26894 | ||
| secalert@redhat.com | http://secunia.com/advisories/26904 | ||
| secalert@redhat.com | http://secunia.com/advisories/26915 | ||
| secalert@redhat.com | http://secunia.com/advisories/26929 | ||
| secalert@redhat.com | http://secunia.com/advisories/26977 | ||
| secalert@redhat.com | http://secunia.com/advisories/27089 | ||
| secalert@redhat.com | http://secunia.com/advisories/27096 | ||
| secalert@redhat.com | http://secunia.com/advisories/27106 | ||
| secalert@redhat.com | http://secunia.com/advisories/27180 | ||
| secalert@redhat.com | http://secunia.com/advisories/27271 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200710-15.xml | ||
| secalert@redhat.com | http://securitytracker.com/id?1018724 | ||
| secalert@redhat.com | http://www.debian.org/security/2007/dsa-1376 | ||
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20070919-1.txt | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:190 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0905.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/25730 | Patch | |
| secalert@redhat.com | http://www.ubuntu.com/usn/usn-517-1 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2007/3227 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/36711 | ||
| secalert@redhat.com | https://issues.rpath.com/browse/RPL-1725 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26894 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26904 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26915 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26929 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26977 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27089 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27096 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27106 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27180 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27271 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200710-15.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1018724 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1376 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20070919-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:190 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0905.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/25730 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-517-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3227 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/36711 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1725 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB7C9F-48E2-4ACD-80CB-9559DE4C2BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D600E27F-A1D6-42C7-8ED1-FD508F5B3AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29911CA1-ECFD-476F-8C85-EA0C6C143DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D17CEFEB-9166-4426-92E1-D8F61D5F5D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDBBFE2-D4C6-4466-A173-6AD716503953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAB6F78-1C7D-404C-87B7-E93E096CC3B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "67C992C7-E81D-443B-ACE8-B92F8A36C1FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAC287B-1AB4-43F3-AC26-EDA689A004B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5557D4-36B2-4975-A78E-99774DBCFB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "65CCBEC7-EF7F-43DB-892C-E9C93D3B3353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C3D851-540B-4F4C-BCC4-47F4C099D212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "32DF6E2C-221F-4F99-9D5B-C3E48AF7A9F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and \"shutdown with password\" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors."
},
{
"lang": "es",
"value": "El backend/session.c del KDE 3.3.0 hasta el 3.5.7, cuando la auto-autenticaci\u00f3n est\u00e1 configurada y el \"apagado con contrase\u00f1a\" est\u00e1 habilitado, permite a atacantes remotos evitar el requerimiento de contrase\u00f1a y autenticarse en cuentas de su elecci\u00f3n a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2007-4569",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-21T19:17:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26894"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26904"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26915"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26929"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/26977"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/27089"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/27096"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/27106"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/27180"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/27271"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200710-15.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1018724"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2007/dsa-1376"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20070919-1.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:190"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0905.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25730"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-517-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/3227"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36711"
},
{
"source": "secalert@redhat.com",
"url": "https://issues.rpath.com/browse/RPL-1725"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27271"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200710-15.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20070919-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0905.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25730"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-517-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-11 13:00
Modified
2025-04-11 00:51
Severity ?
Summary
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | ||
| secalert@redhat.com | http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53 | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1416.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1418.html | ||
| secalert@redhat.com | http://secunia.com/advisories/51097 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/51145 | Vendor Advisory | |
| secalert@redhat.com | http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | Exploit | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/10/11/11 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/10/30/6 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1027709 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1416.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1418.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51097 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51145 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/11/11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/30/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027709 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:4.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47765596-0EA4-4F55-95BE-D34EE192A437",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read."
},
{
"lang": "es",
"value": "khtml/imload/scaledimageplane.h en Konqueror en KDE v4.7.3, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente leer la memoria a trav\u00e9s de grandes dimensiones del lienzo, lo que conduce a una extensi\u00f3n de signo inesperado y una sobre lectura de b\u00fafer basado en memoria din\u00e1mica."
}
],
"id": "CVE-2012-4513",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-11T13:00:51.103",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"source": "secalert@redhat.com",
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=1f8b1b034ccf1713a5d123a4c327290f86d17d53"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1416.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1418.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51097"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51145"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1027709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=1f8b1b034ccf1713a5d123a4c327290f86d17d53"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1416.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1418.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027709"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-05-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=90221101925954&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=90221101925959&w=2 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/1644 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=90221101925954&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=90221101925959&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/1644 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30661C23-9BE4-4F6E-AEB9-1B9D7DAA6FC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable."
}
],
"id": "CVE-1999-1096",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-05-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925954\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925959\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925954\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925959\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1644"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-31 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt | ||
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2000-032.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/1291 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/4583 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2000-032.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1291 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/4583 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A63714ED-A697-4AC3-AF13-3B028F9A87EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F472ECE0-821E-4A20-B6FC-CC4FC5D1BA36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files."
}
],
"id": "CVE-2000-0530",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-31T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1291"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch | ||
| cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt | ||
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 | ||
| cve@mitre.org | http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html | ||
| cve@mitre.org | http://marc.info/?t=110378596500001&r=1&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/17277 | ||
| cve@mitre.org | http://securitytracker.com/id?1012646 | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml | ||
| cve@mitre.org | http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities | ||
| cve@mitre.org | http://www.kde.org/info/security/advisory-20041223-1.txt | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2005_01_sr.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-013.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-018.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-026.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-034.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-053.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-057.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-066.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/12070 | Patch, Vendor Advisory | |
| cve@mitre.org | https://bugzilla.fedora.us/show_bug.cgi?id=2352 | ||
| cve@mitre.org | https://bugzilla.fedora.us/show_bug.cgi?id=2353 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/18641 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830 | ||
| cve@mitre.org | https://usn.ubuntu.com/50-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?t=110378596500001&r=1&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17277 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1012646 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20041223-1.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_01_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-013.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-018.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-026.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-034.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-053.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-057.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-066.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/12070 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.fedora.us/show_bug.cgi?id=2352 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.fedora.us/show_bug.cgi?id=2353 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/18641 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/50-1/ |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded."
}
],
"id": "CVE-2004-1125",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17277"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1012646"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20041223-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-018.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12070"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/50-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1012646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20041223-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/50-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-11-29 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103712329102632&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103728981029342&w=2 | ||
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/n-020.shtml | ||
| cve@mitre.org | http://www.debian.org/security/2002/dsa-214 | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10597.php | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10598.php | Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20021111-2.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-080.php | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2002_042_kdenetwork.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-220.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103712329102632&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103728981029342&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/n-020.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2002/dsa-214 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10597.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10598.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20021111-2.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-080.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2002_042_kdenetwork.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-220.html |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF4C94E-54BB-44DB-BB7D-841419C4D3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B292C704-EDFA-4060-90DF-0A3906DB0AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE9343-7A7F-4CB0-8CEF-52D61BD689C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the \"lisa\" daemon, and (2) remote attackers to execute arbitrary code via a certain \"lan://\" URL."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en LISa en KDE 2.x a partir de 2.1, y KDE 3.x anteriores a 3.0.4 permiten \r\na atacantes locales y posiblemente remotos ejecutar c\u00f3digo mediante el demonio \"lisa\", y\r\na atacantes remotos ejecutar c\u00f3digo arbitrario mediante una cierta URL de tipo \"lan://\""
}
],
"id": "CVE-2002-1306",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-29T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2002/dsa-214"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10597.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10598.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021111-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-080.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2002_042_kdenetwork.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2002/dsa-214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10597.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10598.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021111-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-080.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2002_042_kdenetwork.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-11-18 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=91141486301691&w=2 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/1650 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=91141486301691&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/1650 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30661C23-9BE4-4F6E-AEB9-1B9D7DAA6FC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable."
}
],
"id": "CVE-1999-1107",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-11-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1650"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1650"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000934 | Patch | |
| cve@mitre.org | http://www.debian.org/security/2005/dsa-692 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.idefense.com/application/poi/display?id=208&type=vulnerabilities | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20050228-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-175.html | Patch, Vendor Advisory | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9596 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000934 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-692 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/application/poi/display?id=208&type=vulnerabilities | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20050228-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-175.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9596 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bernd_wuebben:kppp:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF32485-71A9-4B7F-BECB-9163E4E66821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F98A556-D640-40F1-92C2-FC262F50F5C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E2C256-8E9F-4D12-ABF4-FECE06B52CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33AF934D-B51B-4A81-BC47-FFEAB9A62C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3096F2-B0F1-45E1-806D-6434DE56619A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5560AA-372B-4462-AFF8-8F27A980E507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4904CFFD-4CE1-4D65-A7BA-9B06E5B35D07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp."
}
],
"id": "CVE-2005-0205",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000934"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-692"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=208\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050228-1.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-175.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=208\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050228-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9596"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=109327681304401&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/12341 | ||
| cve@mitre.org | http://www.kde.org/info/security/advisory-20040823-1.txt | ||
| cve@mitre.org | http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:086 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/10991 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17063 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11281 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109327681304401&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/12341 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20040823-1.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:086 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/10991 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17063 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11281 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | konqueror | 3.0 | |
| kde | konqueror | 3.0.1 | |
| kde | konqueror | 3.0.2 | |
| kde | konqueror | 3.0.3 | |
| kde | konqueror | 3.0.5 | |
| kde | konqueror | 3.0.5b | |
| kde | konqueror | 3.1 | |
| kde | konqueror | 3.1.1 | |
| kde | konqueror | 3.1.2 | |
| kde | konqueror | 3.1.3 | |
| kde | konqueror | 3.1.5 | |
| kde | konqueror | 3.2.1 | |
| kde | konqueror | 3.2.3 | |
| gentoo | linux | 1.4 | |
| kde | kde | 3.1.3 | |
| kde | kde | 3.2 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD68BAB-8945-4A22-938E-12C01D0111D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3220BF-B0AF-4C90-89BD-B425EE58021D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA53FB7A-AF7F-45B2-AF23-11B1FC4EC289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "619EB7F6-8694-4344-A4C9-A35DA58391AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7FED2DFC-592C-4FD3-B0B7-C670C78F56DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC65385-B190-44BE-9AF8-B14F48303046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7BAE27-7AB1-4DBD-98AD-6109F0D9A458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8A54F6-96A9-44B8-97C8-50DA7276708D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1001754B-8EDB-41A2-9D5D-6E2A2B556DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8D57D87-3E6A-4A73-85BA-EE679E9DA8D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "99E4FC9B-F47C-4BD5-B2C7-23CBAD2D5488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0172B167-5780-4F80-ACC9-2FB8B60D6717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0DB31D-D075-409C-9ED9-A9E1D96332CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3096F2-B0F1-45E1-806D-6434DE56619A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user\u0027s HTTP session."
},
{
"lang": "es",
"value": "Konqueror en KDE 3.2.3 Y anteriores pemiten a sitios web establecer cookies para dominios de nivel superior espec\u00edficos de pa\u00edses, como ltd.uk o com.es, lo que podr\u00eda permitir a atacantes remotos realizar un ataque de fijaci\u00f3n de sesi\u00f3n y secuestrar una sesi\u00f3n HTTP de un usuario."
}
],
"id": "CVE-2004-0746",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109327681304401\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12341"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20040823-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:086"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10991"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17063"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109327681304401\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20040823-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11281"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-10-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html | ||
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=106374551513499&w=2 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-388 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20030916-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2003:091 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-270.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-288.html | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A215 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=106374551513499&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-388 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20030916-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2003:091 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-270.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-288.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A215 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | 1.1 | |
| kde | kde | 1.1.1 | |
| kde | kde | 1.1.2 | |
| kde | kde | 1.2 | |
| kde | kde | 2.0 | |
| kde | kde | 2.0.1 | |
| kde | kde | 2.0_beta | |
| kde | kde | 2.1 | |
| kde | kde | 2.1.1 | |
| kde | kde | 2.1.2 | |
| kde | kde | 2.2 | |
| kde | kde | 2.2.1 | |
| kde | kde | 2.2.2 | |
| kde | kde | 3.0 | |
| kde | kde | 3.0.1 | |
| kde | kde | 3.0.2 | |
| kde | kde | 3.0.3 | |
| kde | kde | 3.0.3a | |
| kde | kde | 3.0.4 | |
| kde | kde | 3.0.5 | |
| kde | kde | 3.0.5a | |
| kde | kde | 3.0.5b | |
| kde | kde | 3.1 | |
| kde | kde | 3.1.1 | |
| kde | kde | 3.1.1a | |
| kde | kde | 3.1.2 | |
| kde | kde | 3.1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B38F8C-9451-441B-BCD8-E41C1A2231DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D04A4717-229D-4E20-8FD2-DC13757B0AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F472ECE0-821E-4A20-B6FC-CC4FC5D1BA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D6767505-CFD5-4C66-A67A-4740E2994CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6671EEE2-8CEC-41C7-9CF2-23D92A1B3DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F3ACDA-8DB4-4E59-B673-021CEBD03D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "FC14C38A-AAA8-463E-AA7C-F16C6CB3A3EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF4C94E-54BB-44DB-BB7D-841419C4D3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B292C704-EDFA-4060-90DF-0A3906DB0AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE9343-7A7F-4CB0-8CEF-52D61BD689C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "E107A931-B670-42A8-9F75-EEA0EF3D09B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E268EFFF-6B28-4C64-B052-AFA3BB1E709F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9B6CD2-7343-4D68-BEC6-A7BB0E0F0962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "21AC6FAB-45DF-4DE1-AADD-7DCA3AF0051E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F98A556-D640-40F1-92C2-FC262F50F5C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E2C256-8E9F-4D12-ABF4-FECE06B52CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBCF55E-336B-420E-A154-609C02BB9FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33AF934D-B51B-4A81-BC47-FFEAB9A62C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3096F2-B0F1-45E1-806D-6434DE56619A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session."
},
{
"lang": "es",
"value": "KDM en KDE 3.1.3 y anteriores usa un algoritmo de generaci\u00f3n de galletita (cookie) de sesi\u00f3n d\u00e9bil, que no tiene 128 bits de entrop\u00eda, lo que permite a atacantes adivinar galletitas de sesi\u00f3n mediante m\u00e9todos de fuerza bruta y ganar acceso a la sesi\u00f3n del usuario."
}
],
"id": "CVE-2003-0692",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-10-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106374551513499\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-388"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20030916-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:091"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-270.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106374551513499\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20030916-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-270.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A215"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-12-19 23:46
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://osvdb.org/41395 | ||
| secalert@redhat.com | http://secunia.com/advisories/28104 | ||
| secalert@redhat.com | http://secunia.com/advisories/28181 | ||
| secalert@redhat.com | http://secunia.com/advisories/28751 | ||
| secalert@redhat.com | http://securityreason.com/securityalert/3469 | ||
| secalert@redhat.com | http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0268 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:017 | ||
| secalert@redhat.com | http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00031.html | ||
| secalert@redhat.com | http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00038.html | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/485238 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/26909 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2007/4267 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/39168 | ||
| secalert@redhat.com | https://issues.rpath.com/browse/RPL-1992 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/41395 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28104 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28181 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28751 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/3469 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0268 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:017 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00031.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00038.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/485238 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/26909 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/4267 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/39168 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1992 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D54C9BCD-7544-4005-8F61-45C3EC054385",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en kdebase permite a usuarios locales provocar denegaci\u00f3n de servicio (acceso de entrada no accesible KDM, o consumo de recursos) a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2007-5963",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-19T23:46:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/41395"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/28104"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/28181"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/28751"
},
{
"source": "secalert@redhat.com",
"url": "http://securityreason.com/securityalert/3469"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0268"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:017"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00031.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00038.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/485238"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/26909"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/4267"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39168"
},
{
"source": "secalert@redhat.com",
"url": "https://issues.rpath.com/browse/RPL-1992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/485238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1992"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-5963\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, at this time Red Hat does not intend to address this flaw in a future update.",
"lastModified": "2010-03-05T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=110178786809694&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=110261063201488&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/13477 | ||
| cve@mitre.org | http://secunia.com/advisories/13486 | ||
| cve@mitre.org | http://secunia.com/advisories/13560 | ||
| cve@mitre.org | http://securitytracker.com/id?1012471 | ||
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/p-051.shtml | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/305294 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20041209-1.txt | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:150 | ||
| cve@mitre.org | http://www.osvdb.org/12248 | ||
| cve@mitre.org | http://www.sec-consult.com/index.php?id=118 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/11866 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/18267 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=110178786809694&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=110261063201488&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/13477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/13486 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/13560 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1012471 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/p-051.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/305294 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20041209-1.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:150 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/12248 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.sec-consult.com/index.php?id=118 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11866 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/18267 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | 3.2 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| kde | kde | 3.3.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user\u0027s .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares."
}
],
"id": "CVE-2004-1171",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110178786809694\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110261063201488\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13477"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13486"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13560"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1012471"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/p-051.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/305294"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20041209-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/12248"
},
{
"source": "cve@mitre.org",
"url": "http://www.sec-consult.com/index.php?id=118"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11866"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110178786809694\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110261063201488\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1012471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/p-051.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/305294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20041209-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/12248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sec-consult.com/index.php?id=118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2001-04/0336.html | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/6428 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2001-04/0336.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/6428 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | 1.x | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.x:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E69E24-DC1F-4B98-A87E-05043C43616D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp."
}
],
"id": "CVE-2001-0610",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0336.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0336.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6428"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-11-29 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103712550205730&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103728981029342&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/8298 | ||
| cve@mitre.org | http://www.debian.org/security/2002/dsa-204 | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10602.php | Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20021111-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-220.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/6182 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103712550205730&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103728981029342&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/8298 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2002/dsa-204 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10602.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20021111-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-220.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/6182 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF4C94E-54BB-44DB-BB7D-841419C4D3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B292C704-EDFA-4060-90DF-0A3906DB0AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE9343-7A7F-4CB0-8CEF-52D61BD689C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL."
},
{
"lang": "es",
"value": "Vulnerabilidad desconocida en el subsistema KIO (rlogin.protocol) de KDE 2.x 2.1 y posteriores, y KDE 3.x 3.0.4 y posteriores, permite a atacantes locales y remotos ejecutar c\u00f3digo arbitrario mediante cierta URL."
}
],
"id": "CVE-2002-1281",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-29T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103712550205730\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/8298"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2002/dsa-204"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10602.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021111-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103712550205730\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/8298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2002/dsa-204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10602.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021111-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6182"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-11-29 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103712550205730&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=103728981029342&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/8298 | ||
| cve@mitre.org | http://www.debian.org/security/2002/dsa-204 | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10603.php | Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20021111-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-220.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/6182 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103712550205730&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=103728981029342&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/8298 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2002/dsa-204 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10603.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20021111-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-220.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/6182 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF4C94E-54BB-44DB-BB7D-841419C4D3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B292C704-EDFA-4060-90DF-0A3906DB0AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE9343-7A7F-4CB0-8CEF-52D61BD689C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL."
},
{
"lang": "es",
"value": "Vulnerabilidad desconocida en el subsistema KIO de telnet (telnet.protocol) de KDE 2.X 2.1 y posteriores permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante una cierta URL."
}
],
"id": "CVE-2002-1282",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-29T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103712550205730\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/8298"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2002/dsa-204"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10603.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021111-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-012.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103712550205730\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/8298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2002/dsa-204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10603.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021111-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-079.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6182"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-04-22 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff | Vendor Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=111419664411051&w=2 | ||
| secalert@redhat.com | http://secunia.com/advisories/15060 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20050420-1.txt | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/13313 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=111419664411051&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/15060 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20050420-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/13313 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | quanta | 3.1 | |
| conectiva | linux | 9.0 | |
| conectiva | linux | 10.0 | |
| gentoo | linux | * | |
| kde | kde | 3.2 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| kde | kde | 3.3.2 | |
| kde | kde | 3.4 | |
| redhat | fedora_core | core_3.0 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 5.04 | |
| ubuntu | ubuntu_linux | 5.04 | |
| ubuntu | ubuntu_linux | 5.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:quanta:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0716B886-DF42-4BB2-BE9F-423A4CBE5001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
"matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
"matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code."
}
],
"id": "CVE-2005-0754",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-04-22T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=111419664411051\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/15060"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050420-1.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/13313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=111419664411051\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/15060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050420-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/13313"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-361 | ||
| cve@mitre.org | http://www.kde.org/info/security/advisory-20030602-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-192.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-193.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/320707 | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/7520 | ||
| cve@mitre.org | http://www.turbolinux.com/security/TLSA-2003-36.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-361 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20030602-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-192.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-193.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/320707 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/7520 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.turbolinux.com/security/TLSA-2003-36.txt |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | safari | 1.0 | |
| apple | safari | 1.0 | |
| kde | konqueror_embedded | 0.1 | |
| kde | kde | * | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.2 | |
| turbolinux | turbolinux_server | 7.0 | |
| turbolinux | turbolinux_server | 8.0 | |
| turbolinux | turbolinux_workstation | 7.0 | |
| turbolinux | turbolinux_workstation | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror_embedded:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68C3DE36-4687-4157-8C7F-223B289B9A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE0724E-B37D-4177-A117-74F5A39BCC5B",
"versionEndIncluding": "2.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack."
},
{
"lang": "es",
"value": "Konqueror Embedded y KDE 2.2.2 y anteriores no validan el campo Common Name (CN) en certificados X.509, lo que permitir\u00eda que atacantes remotos falsifiquen certificados mediante un ataque \"man-in-the-middle\"."
}
],
"id": "CVE-2003-0370",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-06-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-361"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20030602-1.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-192.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-193.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/320707"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7520"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/security/TLSA-2003-36.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20030602-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-192.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-193.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/320707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7520"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/security/TLSA-2003-36.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0167.html | ||
| cve@mitre.org | http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0177.html | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10126.php | ||
| cve@mitre.org | http://www.securityfocus.com/bid/5721 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0167.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0177.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10126.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5721 | Patch |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF4C94E-54BB-44DB-BB7D-841419C4D3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B292C704-EDFA-4060-90DF-0A3906DB0AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE9343-7A7F-4CB0-8CEF-52D61BD689C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes."
}
],
"id": "CVE-2002-2333",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0167.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0177.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10126.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/5721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0167.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10126.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/5721"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-11 13:00
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | ||
| secalert@redhat.com | http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8 | Exploit | |
| secalert@redhat.com | http://secunia.com/advisories/51097 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/51145 | Vendor Advisory | |
| secalert@redhat.com | http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | Exploit | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/10/11/11 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/10/30/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51097 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51145 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/11/11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/30/6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:4.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47765596-0EA4-4F55-95BE-D34EE192A437",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en khtml/rendering/render_replaced.cpp en Konqueror en KDE v4.7.3, cuando el men\u00fa contextual se muestra, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario mediante el acceso a un iframe cuando se est\u00e1 actualizando."
}
],
"id": "CVE-2012-4515",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-11T13:00:51.573",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51097"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51145"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git\u0026a=commitdiff\u0026h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 | Broken Link | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=109225538901170&w=2 | Mailing List | |
| cve@mitre.org | http://secunia.com/advisories/12276/ | Broken Link, Patch, Vendor Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200408-13.xml | Third Party Advisory | |
| cve@mitre.org | http://www.debian.org/security/2004/dsa-539 | Third Party Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20040811-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/16963 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109225538901170&w=2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/12276/ | Broken Link, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200408-13.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-539 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20040811-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/16963 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | * | |
| debian | debian_linux | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*",
"matchCriteriaId": "517F497F-7335-4433-AAAC-9B4D32CABA6C",
"versionEndExcluding": "3.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDE before 3.3.0 does not properly handle when certain symbolic links point to \"stale\" locations, which could allow local users to create or truncate arbitrary files."
},
{
"lang": "es",
"value": "KDE 3.3.0 no maneja adecuadamente ciertos enlaces simb\u00f3licos que apuntan a localizaciones \"gastadas\", lo que podr\u00eda permitir a usaurios locales crear o truncar ficheros arbitrarios."
}
],
"id": "CVE-2004-0689",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2004-09-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109225538901170\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/12276/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-539"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20040811-1.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16963"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109225538901170\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/12276/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20040811-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-005.0.txt | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/1269 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-005.0.txt | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1269 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B38F8C-9451-441B-BCD8-E41C1A2231DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D04A4717-229D-4E20-8FD2-DC13757B0AC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack."
},
{
"lang": "es",
"value": "La librer\u00eda libmediatool usada para el mediatool de KDE permite a usuarios locales crear ficheros arbitrarios mediante un ataque de enlaces simb\u00f3licos (symlink attack)"
}
],
"id": "CVE-2000-0371",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-005.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-005.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1269"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-07-11 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.kde.org/?l=kde-devel&m=90221974029738&w=2 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/1639 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.kde.org/?l=kde-devel&m=90221974029738&w=2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/1639 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30661C23-9BE4-4F6E-AEB9-1B9D7DAA6FC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps."
}
],
"id": "CVE-1999-1270",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-07-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.kde.org/?l=kde-devel\u0026m=90221974029738\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.kde.org/?l=kde-devel\u0026m=90221974029738\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1639"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/14306 | Patch | |
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200502-23.xml | Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20050215-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-February/msg00044.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/14306 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200502-23.xml | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20050215-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-February/msg00044.html | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows."
}
],
"id": "CVE-2005-0011",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/14306"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-23.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050215-1.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-February/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/14306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050215-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-February/msg00044.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-01-17 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000569 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104049734911544&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104066520330397&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/8067 | ||
| cve@mitre.org | http://secunia.com/advisories/8103 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-234 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-235 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-236 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-237 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-238 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-239 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-240 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-241 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-242 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-243 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.kde.org/info/security/advisory-20021220-1.txt | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2003:004 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-002.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-003.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/6462 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000569 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104049734911544&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104066520330397&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/8067 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/8103 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-234 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-235 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-236 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-237 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-238 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-239 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-240 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-241 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-242 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-243 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20021220-1.txt | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2003:004 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/6462 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6671EEE2-8CEC-41C7-9CF2-23D92A1B3DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F3ACDA-8DB4-4E59-B673-021CEBD03D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF4C94E-54BB-44DB-BB7D-841419C4D3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B292C704-EDFA-4060-90DF-0A3906DB0AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE9343-7A7F-4CB0-8CEF-52D61BD689C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F531972-E0A7-4E7C-A899-3766CEAAE2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "E107A931-B670-42A8-9F75-EEA0EF3D09B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E268EFFF-6B28-4C64-B052-AFA3BB1E709F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en KDE 2 y KDE 3.x a 3.0.5 no ponen entre comillas ciertos par\u00e1metros que son insertados en comando de shell, lo que podr\u00eda permitir a atacantes remotos ejecutar comandos arbitrarios mediante URLs, nombres de ficheros o direcciones de correo electr\u00f3nico."
}
],
"id": "CVE-2002-1393",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-01-17T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000569"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104049734911544\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104066520330397\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/8067"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/8103"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-234"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-235"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-236"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-237"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-238"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-239"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-240"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-241"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-242"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-243"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021220-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:004"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-002.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-003.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104049734911544\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104066520330397\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/8067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/8103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20021220-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6462"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html | Third Party Advisory, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/13447/ | Broken Link, Patch | |
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml | Patch, Third Party Advisory, Vendor Advisory | |
| cve@mitre.org | http://www.opera.com/linux/changelogs/754u2/ | Broken Link | |
| cve@mitre.org | http://www.securityfocus.com/bid/11901 | Broken Link, Patch, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.zone-h.org/advisories/read/id=6503 | Third Party Advisory, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/18457 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html | Third Party Advisory, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/13447/ | Broken Link, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml | Patch, Third Party Advisory, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.opera.com/linux/changelogs/754u2/ | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11901 | Broken Link, Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zone-h.org/advisories/read/id=6503 | Third Party Advisory, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/18457 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opera | opera_browser | * | |
| gentoo | linux | * | |
| kde | kde | 3.2.3 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 2.0 | |
| suse | suse_linux | 3.0 | |
| suse | suse_linux | 4.0 | |
| suse | suse_linux | 4.2 | |
| suse | suse_linux | 4.3 | |
| suse | suse_linux | 4.4 | |
| suse | suse_linux | 4.4.1 | |
| suse | suse_linux | 5.0 | |
| suse | suse_linux | 5.1 | |
| suse | suse_linux | 5.2 | |
| suse | suse_linux | 5.3 | |
| suse | suse_linux | 6.0 | |
| suse | suse_linux | 6.1 | |
| suse | suse_linux | 6.1 | |
| suse | suse_linux | 6.2 | |
| suse | suse_linux | 6.3 | |
| suse | suse_linux | 6.3 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.1 | |
| suse | suse_linux | 7.1 | |
| suse | suse_linux | 7.2 | |
| suse | suse_linux | 7.3 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE75E76-E20D-47A4-9603-0AF46F733AEF",
"versionEndIncluding": "7.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*",
"matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry."
}
],
"id": "CVE-2004-1491",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"Vendor Advisory"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://secunia.com/advisories/13447/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.opera.com/linux/changelogs/754u2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/11901"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"Vendor Advisory"
],
"url": "http://www.zone-h.org/advisories/read/id=6503"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Vendor Advisory"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://secunia.com/advisories/13447/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.opera.com/linux/changelogs/754u2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/11901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Vendor Advisory"
],
"url": "http://www.zone-h.org/advisories/read/id=6503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18457"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-11-18 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30661C23-9BE4-4F6E-AEB9-1B9D7DAA6FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables."
}
],
"id": "CVE-1999-0781",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-11-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=91141486301691\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}