Kde

Kde

65 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2002-2333

  • EPSS 1.37%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.

7.5

CVE-2002-1306

  • EPSS 5.54%
  • Published 29.11.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain ...

7.5

CVE-2002-1282

  • EPSS 5.5%
  • Published 29.11.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.

7.5

CVE-2002-1281

  • EPSS 6.33%
  • Published 29.11.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.

7.2

CVE-2002-1247

  • EPSS 0.08%
  • Published 29.11.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.

5

CVE-2002-1224

Exploit
  • EPSS 11.84%
  • Published 28.10.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.

7.5

CVE-2002-1223

  • EPSS 0.8%
  • Published 28.10.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.

7.5

CVE-2002-1151

  • EPSS 3.23%
  • Published 11.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are ...

7.5

CVE-2002-1152

  • EPSS 0.91%
  • Published 11.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing.

7.5

CVE-2002-0970

Exploit
  • EPSS 2.4%
  • Published 24.09.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.