6.4

CVE-2010-1511

KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
KdeKget Version2.4.2
KdeKde Sc Version2.2.0
KdeKde Sc Version3.5.10
KdeKde Sc Version4.0.0
KdeKde Sc Version4.0.0 Updatealpha1
KdeKde Sc Version4.0.0 Updatealpha2
KdeKde Sc Version4.0.0 Updatebeta1
KdeKde Sc Version4.0.0 Updatebeta2
KdeKde Sc Version4.0.0 Updatebeta3
KdeKde Sc Version4.0.0 Updatebeta4
KdeKde Sc Version4.0.0 Updaterc1
KdeKde Sc Version4.0.0 Updaterc2
KdeKde Sc Version4.0.1
KdeKde Sc Version4.0.2
KdeKde Sc Version4.0.3
KdeKde Sc Version4.0.4
KdeKde Sc Version4.0.5
KdeKde Sc Version4.1.0
KdeKde Sc Version4.1.0 Updatealpha1
KdeKde Sc Version4.1.0 Updatebeta1
KdeKde Sc Version4.1.0 Updatebeta2
KdeKde Sc Version4.1.0 Updaterc
KdeKde Sc Version4.1.1
KdeKde Sc Version4.1.2
KdeKde Sc Version4.1.3
KdeKde Sc Version4.1.4
KdeKde Sc Version4.1.80
KdeKde Sc Version4.1.85
KdeKde Sc Version4.1.96
KdeKde Sc Version4.2 Updatebeta2
KdeKde Sc Version4.2 Updaterc
KdeKde Sc Version4.2.0
KdeKde Sc Version4.2.1
KdeKde Sc Version4.2.2
KdeKde Sc Version4.2.3
KdeKde Sc Version4.2.4
KdeKde Sc Version4.3.0
KdeKde Sc Version4.3.0 Updatebeta1
KdeKde Sc Version4.3.0 Updatebeta3
KdeKde Sc Version4.3.0 Updaterc1
KdeKde Sc Version4.3.0 Updaterc2
KdeKde Sc Version4.3.0 Updaterc3
KdeKde Sc Version4.3.1
KdeKde Sc Version4.3.2
KdeKde Sc Version4.3.3
KdeKde Sc Version4.3.4
KdeKde Sc Version4.3.5
KdeKde Sc Version4.4.0
KdeKde Sc Version4.4.0 Updatebeta1
KdeKde Sc Version4.4.0 Updatebeta2
KdeKde Sc Version4.4.0 Updaterc1
KdeKde Sc Version4.4.0 Updaterc2
KdeKde Sc Version4.4.0 Updaterc3
KdeKde Sc Version4.4.1
KdeKde Sc Version4.4.2
KdeKde Sc Version4.4.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.32% 0.87
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:N/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html
http://marc.info/?l=oss-security&m=127378789518426&w=2
http://secunia.com/advisories/39528
Vendor Advisory
http://secunia.com/advisories/39787
Vendor Advisory
http://securitytracker.com/id?1023984
http://www.kde.org/info/security/advisory-20100513-1.txt
Vendor Advisory
http://www.securityfocus.com/archive/1/511294/100/0/threaded
http://www.securityfocus.com/bid/40141
http://www.ubuntu.com/usn/USN-938-1
http://www.vupen.com/english/advisories/2010/1142
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1144
Vendor Advisory
http://www.vupen.com/english/advisories/2010/3096
Vendor Advisory
http://osvdb.org/64689
http://secunia.com/secunia_research/2010-70/
Vendor Advisory
http://www.securityfocus.com/archive/1/511279/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/58629