Kde

Kde

65 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.1

CVE-2005-0365

  • EPSS 0.07%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

5

CVE-2005-0404

Exploit
  • EPSS 4.47%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.

7.5

CVE-2005-0206

  • EPSS 6.53%
  • Veröffentlicht 27.04.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

7.5

CVE-2005-0754

  • EPSS 2.28%
  • Veröffentlicht 22.04.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.

10

CVE-2004-0889

  • EPSS 3.39%
  • Veröffentlicht 27.01.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by C...

10

CVE-2004-0888

  • EPSS 4.44%
  • Veröffentlicht 27.01.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabili...

5

CVE-2004-0886

Exploit
  • EPSS 10.99%
  • Veröffentlicht 27.01.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.

2.1

CVE-2004-1171

  • EPSS 0.12%
  • Veröffentlicht 10.01.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-reada...

9.3

CVE-2004-1125

  • EPSS 7.31%
  • Veröffentlicht 10.01.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and...

5

CVE-2004-1491

  • EPSS 25.86%
  • Veröffentlicht 31.12.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.