CVE-2010-1511

EPSS 6.64%
Published 17.05.2010 21:00:01
Last modified 11.04.2025 00:51:21
Source PSIRT-CNA@flexerasoftware.com
Teams watchlist Login
Open Login

KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.

Affected products Warnungen 0 Metrics 2 CWE 0 References 19

Data is provided by the National Vulnerability Database (NVD)

Kde ≫ Kget Version2.4.2

Kde ≫ Kde Sc Version2.2.0

Kde ≫ Kde Sc Version3.5.10

Kde ≫ Kde Sc Version4.0.0

Kde ≫ Kde Sc Version4.0.0 Updatealpha1

Kde ≫ Kde Sc Version4.0.0 Updatealpha2

Kde ≫ Kde Sc Version4.0.0 Updatebeta1

Kde ≫ Kde Sc Version4.0.0 Updatebeta2

Kde ≫ Kde Sc Version4.0.0 Updatebeta3

Kde ≫ Kde Sc Version4.0.0 Updatebeta4

Kde ≫ Kde Sc Version4.0.0 Updaterc1

Kde ≫ Kde Sc Version4.0.0 Updaterc2

Kde ≫ Kde Sc Version4.0.1

Kde ≫ Kde Sc Version4.0.2

Kde ≫ Kde Sc Version4.0.3

Kde ≫ Kde Sc Version4.0.4

Kde ≫ Kde Sc Version4.0.5

Kde ≫ Kde Sc Version4.1.0

Kde ≫ Kde Sc Version4.1.0 Updatealpha1

Kde ≫ Kde Sc Version4.1.0 Updatebeta1

Kde ≫ Kde Sc Version4.1.0 Updatebeta2

Kde ≫ Kde Sc Version4.1.0 Updaterc

Kde ≫ Kde Sc Version4.1.1

Kde ≫ Kde Sc Version4.1.2

Kde ≫ Kde Sc Version4.1.3

Kde ≫ Kde Sc Version4.1.4

Kde ≫ Kde Sc Version4.1.80

Kde ≫ Kde Sc Version4.1.85

Kde ≫ Kde Sc Version4.1.96

Kde ≫ Kde Sc Version4.2 Updatebeta2

Kde ≫ Kde Sc Version4.2 Updaterc

Kde ≫ Kde Sc Version4.2.0

Kde ≫ Kde Sc Version4.2.1

Kde ≫ Kde Sc Version4.2.2

Kde ≫ Kde Sc Version4.2.3

Kde ≫ Kde Sc Version4.2.4

Kde ≫ Kde Sc Version4.3.0

Kde ≫ Kde Sc Version4.3.0 Updatebeta1

Kde ≫ Kde Sc Version4.3.0 Updatebeta3

Kde ≫ Kde Sc Version4.3.0 Updaterc1

Kde ≫ Kde Sc Version4.3.0 Updaterc2

Kde ≫ Kde Sc Version4.3.0 Updaterc3

Kde ≫ Kde Sc Version4.3.1

Kde ≫ Kde Sc Version4.3.2

Kde ≫ Kde Sc Version4.3.3

Kde ≫ Kde Sc Version4.3.4

Kde ≫ Kde Sc Version4.3.5

Kde ≫ Kde Sc Version4.4.0

Kde ≫ Kde Sc Version4.4.0 Updatebeta1

Kde ≫ Kde Sc Version4.4.0 Updatebeta2

Kde ≫ Kde Sc Version4.4.0 Updaterc1

Kde ≫ Kde Sc Version4.4.0 Updaterc2

Kde ≫ Kde Sc Version4.4.0 Updaterc3

Kde ≫ Kde Sc Version4.4.1

Kde ≫ Kde Sc Version4.4.2

Kde ≫ Kde Sc Version4.4.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.64%	0.902

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:N/I:P/A:P

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html

http://marc.info/?l=oss-security&m=127378789518426&w=2

http://secunia.com/advisories/39528

Vendor Advisory

http://secunia.com/advisories/39787

Vendor Advisory

http://securitytracker.com/id?1023984

http://www.kde.org/info/security/advisory-20100513-1.txt

Vendor Advisory

http://www.securityfocus.com/archive/1/511294/100/0/threaded

http://www.securityfocus.com/bid/40141

http://www.ubuntu.com/usn/USN-938-1

http://www.vupen.com/english/advisories/2010/1142

Vendor Advisory

http://www.vupen.com/english/advisories/2010/1144

Vendor Advisory

http://www.vupen.com/english/advisories/2010/3096

Vendor Advisory

http://osvdb.org/64689

http://secunia.com/secunia_research/2010-70/

Vendor Advisory

http://www.securityfocus.com/archive/1/511279/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/58629

https://nvd.nist.gov/vuln/detail/CVE-2010-1511

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-1511

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-1511

EUVD