MidnightBSD

Advisories for kde

CVE-1999-0735 MEDIUM

KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde k-mail *
CVE-1999-0780 MEDIUM

KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
freebsd freebsd 6.2
linux linux_kernel 2.6.20.1
kde kde 1.0
CVE-1999-0781 HIGH

KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
freebsd freebsd 6.2
linux linux_kernel 2.6.20.1
kde kde 1.0
CVE-1999-0782 LOW

KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
freebsd freebsd 6.2
linux linux_kernel 2.6.20.1
kde kde 1.0
CVE-1999-1096 HIGH

Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 1.0
CVE-1999-1106 HIGH

Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde *
CVE-1999-1107 HIGH

Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 1.0
CVE-1999-1267 MEDIUM

KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde *
CVE-1999-1268 HIGH

Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde *
CVE-1999-1269 LOW

Screen savers in KDE beta 3 allow local users to overwrite arbitrary files via a symlink attack on the .kss.pid file.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde_beta_3 initial
CVE-1999-1270 MEDIUM

KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 1.0
CVE-2000-0371 LOW

The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 1.1.1
kde kde 1.1
CVE-2000-0373 HIGH

Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kvt *
CVE-2000-0393 HIGH

The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 1.2
kde kde 1.1.1
kde kde 1.1
kde kde 2.0_beta
CVE-2000-0460 HIGH

Buffer overflow in KDE kdesud on Linux allows local users to gain privileges via a long DISPLAY environmental variable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 1.2
kde kde 1.1.1
kde kde 1.1
kde kde 1.1.2
CVE-2000-0481 MEDIUM

Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde k-mail 1.0.29
kde k-mail 1.0.29.1
kde k-mail 1.0.27
kde k-mail 1.0.23
kde k-mail 1.0.28
kde k-mail 1.0.24
kde k-mail 1.0.25
kde k-mail 1.0.26
CVE-2000-0530 HIGH

The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
caldera openlinux 2.4
kde kde 1.1.2
CVE-2000-0918 HIGH

Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kvt 1.1.2
CVE-2001-0610 MEDIUM

kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 1.x
suse suse_linux 7.0
CVE-2001-0782 HIGH

KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde ktv *
CVE-2001-1197 MEDIUM

klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kdeutils 2.2
kde kdeutils 2.2.2
CVE-2002-0227 MEDIUM

KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 2.1.2
kicq kicq 2.0.0b1
CVE-2002-0342 MEDIUM

Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde k-mail 1.2
CVE-2002-0970 HIGH

The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.1
kde konqueror 3.0.1
kde konqueror 2.2.2
kde kde 2.2.2
kde kde 3.0
kde konqueror 3.0.2
kde kde 3.0.2
kde konqueror 3.0
CVE-2002-1151 HIGH

The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 3.0.1
kde konqueror 3.0.1
kde konqueror 3.0.3
kde konqueror 2.2.2
kde kde 2.2.2
kde kde 3.0
kde konqueror 3.0.2
kde kde 3.0.2
kde konqueror 3.0
CVE-2002-1152 HIGH

Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.1
kde kde 3.0
kde kde 3.0.2
CVE-2002-1223 HIGH

Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3a
kde kde 1.1
CVE-2002-1224 MEDIUM

Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 3.0.1
kde kde 3.0.3a
kde kde 3.0.2
CVE-2002-1247 HIGH

Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 3.0.1
kde kde 2.0
kde klisa 2.2.2
kde kde 3.0.4
kde kde 2.2
kde kde 3.0
lisa lisa 0.1.2
kde kde 3.0.3a
lisa lisa 0.1
kde kde 3.0.2
kde kde 2.1
CVE-2002-1281 HIGH

Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 3.0.1
kde kde 2.1.2
kde kde 3.0.4
kde kde 2.2
kde kde 2.2.1
kde kde 2.2.2
kde kde 3.0
kde kde 3.0.2
kde kde 2.1.1
kde kde 2.1
CVE-2002-1282 HIGH

Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 3.0.1
kde kde 2.1.2
kde kde 3.0.4
kde kde 2.2
kde kde 2.2.1
kde kde 2.2.2
kde kde 3.0
kde kde 3.0.2
kde kde 2.1.1
kde kde 2.1
CVE-2002-1306 HIGH

Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 3.0.1
kde kde 2.1.2
kde kde 2.2
kde kde 2.2.1
kde kde 2.2.2
kde kde 3.0
kde kde 3.0.2
kde kde 2.1.1
kde kde 2.1
CVE-2002-1393 HIGH

Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 3.0.1
kde kde 2.0
kde kde 3.0.5
kde kde 3.0.4
kde kde 2.2
kde kde 3.0
kde kde 2.1.1
kde kde 2.0.1
kde kde 3.0.3a
kde kde 2.1.2
kde kde 2.2.1
kde kde 2.2.2
kde kde 3.0.2
kde kde 2.1
CVE-2002-2333 MEDIUM

Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119

Products Affected

Vendor Product Version
kde kde 2.1.2
kde kde 2.2
kde kde 2.2.1
kde kde 2.2.2
kde kde 3.0
kde kde 3.0.2
kde kde 2.1.1
kde kde 2.1
CVE-2003-0204 HIGH

KDE 2 and KDE 3.1.1 and earlier 3.x versions allow attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 3.0.1
kde kde 2.0
kde kde 3.0.5a
kde kde 3.0.5
kde kde 3.1.1
kde kde 3.0.4
kde kde 2.2
kde kde 3.0
kde kde 3.1
kde kde 2.1.1
kde kde 2.0.1
kde kde 3.0.3a
kde kde 2.1.2
kde kde 2.2.1
kde kde 2.2.2
kde kde 3.0.2
kde kde 2.1
CVE-2003-0256 HIGH

The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kopete 0.6.1
CVE-2003-0355 MEDIUM

Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde konqueror_embedded *
apple safari 1.0
CVE-2003-0370 HIGH

Konqueror Embedded and KDE 2.2.2 and earlier do not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde *
redhat linux 7.2
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_server 7.0
redhat linux 7.1
apple safari 1.0
kde konqueror_embedded 0.1
CVE-2003-0459 MEDIUM

KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
redhat kdelibs_sound 2.1.1-5
kde konqueror 3.0.3
kde konqueror 3.0.2
redhat kdelibs_sound_devel 2.1.1-5
kde konqueror 3.0.5
kde konqueror 3.1.2
redhat kdelibs_devel 3.0.3-8
redhat analog_real-time_synthesizer 2.2-11
redhat kdebase 3.0.3-13
kde konqueror 2.2.2
redhat kdelibs_sound_devel 2.2-11
kde konqueror 3.1
kde konqueror 3.1.1
redhat kdelibs_devel 2.2-11
kde konqueror 2.1.1
redhat kdelibs 2.2-11
kde konqueror 3.0.1
redhat kdelibs 3.1-10
redhat analog_real-time_synthesizer 2.1.1-5
redhat kdelibs 2.1.1-5
kde konqueror_embedded 0.1
redhat kdelibs_sound 2.2-11
redhat kdelibs_devel 3.1-10
redhat kdelibs 3.0.0-10
redhat kdelibs_devel 2.1.1-5
redhat kdelibs_devel 3.0.0-10
kde konqueror 3.0
CVE-2003-0592 HIGH

Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde konqueror 3.0.5
kde konqueror 3.1
kde konqueror 3.1.1
kde konqueror 3.1.2
kde konqueror 2.1.1
kde konqueror 3.0.1
kde konqueror 3.0.3
kde konqueror 2.2.2
kde konqueror 3.0.2
kde konqueror_embedded 0.1
kde konqueror 3.0
CVE-2003-0690 HIGH

KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 2.0
kde kde 3.0.5a
kde kde 3.1.1
kde kde 3.0.4
kde kde 3.0.5b
kde kde 3.0
kde kde 3.1
kde kde 2.0_beta
kde kde 1.1.2
kde kde 1.1.1
kde kde 3.0.3a
kde kde 2.1.2
kde kde 2.1
kde kde 3.1.2
kde kde 3.0.1
kde kde 3.0.5
kde kde 2.2
kde kde 3.1.1a
kde kde 1.1
kde kde 2.1.1
kde kde 2.0.1
kde kde 1.2
kde kde 3.1.3
kde kde 2.2.1
kde kde 2.2.2
kde kde 3.0.2
CVE-2003-0692 HIGH

KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 2.0
kde kde 3.0.5a
kde kde 3.1.1
kde kde 3.0.4
kde kde 3.0.5b
kde kde 3.0
kde kde 3.1
kde kde 2.0_beta
kde kde 1.1.2
kde kde 1.1.1
kde kde 3.0.3a
kde kde 2.1.2
kde kde 2.1
kde kde 3.1.2
kde kde 3.0.1
kde kde 3.0.5
kde kde 2.2
kde kde 3.1.1a
kde kde 1.1
kde kde 2.1.1
kde kde 2.0.1
kde kde 1.2
kde kde 3.1.3
kde kde 2.2.1
kde kde 2.2.2
kde kde 3.0.2
CVE-2003-0988 HIGH

Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.1.3
kde kde 3.1.1
kde kde 3.1.0
kde kde 3.1.2
CVE-2003-1478 MEDIUM

Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of service (core dump) via a web page that begins with a "xFFxFE" byte sequence and a large number of CRLF sequences, as demonstrated using freeze.htm.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119

Products Affected

Vendor Product Version
kde konqueror 3.0.3
CVE-2004-0411 HIGH

The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-88

Products Affected

Vendor Product Version
kde konqueror *
CVE-2004-0527 MEDIUM

KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde konqueror 3.1
kde konqueror 3.1.1
kde konqueror 2.1.1
kde konqueror 3.0.1
kde konqueror 3.0.3
kde konqueror 3.2.1
kde konqueror 3.0.2
kde konqueror 3.0.5
kde konqueror 3.1.2
kde konqueror 3.1.3
kde konqueror 2.2.2
kde konqueror 3.0
CVE-2004-0689 MEDIUM

KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 1.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59

Products Affected

Vendor Product Version
debian debian_linux 3.0
kde kde *
CVE-2004-0690 MEDIUM

The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde kde 3.2.1
CVE-2004-0721 HIGH

Konqueror 3.1.3, 3.2.2, and possibly other versions do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde konqueror 3.1.3
kde konqueror 3.2.2
CVE-2004-0746 HIGH

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.1
kde konqueror 3.1
kde konqueror 3.0.5b
kde konqueror 3.1.1
kde konqueror 3.0.1
kde konqueror 3.1.5
kde konqueror 3.0.3
kde konqueror 3.2.3
suse suse_linux 8.2
kde konqueror 3.2.1
kde konqueror 3.0.2
kde konqueror 3.0.5
suse suse_linux 9.1
kde konqueror 3.1.2
kde kde 3.1.3
kde kde 3.2
kde konqueror 3.1.3
mandrakesoft mandrake_linux 10.0
suse suse_linux 9.0
mandrakesoft mandrake_linux 9.2
suse suse_linux 8
gentoo linux 1.4
kde konqueror 3.0
CVE-2004-0803 HIGH

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.1
redhat enterprise_linux 3.0
libtiff libtiff 3.5.5
libtiff libtiff 3.6.0
apple mac_os_x_server 10.2
apple mac_os_x 10.2.7
kde kde 3.2.1
apple mac_os_x 10.2.4
kde kde 3.2
apple mac_os_x_server 10.3
trustix secure_linux 2.1
mandrakesoft mandrake_linux 10.0
libtiff libtiff 3.6.1
kde kde 3.3
suse suse_linux 1.0
libtiff libtiff 3.5.4
apple mac_os_x_server 10.2.5
apple mac_os_x_server 10.3.3
apple mac_os_x_server 10.3.5
apple mac_os_x 10.2
libtiff libtiff 3.4
apple mac_os_x 10.2.3
apple mac_os_x 10.3.5
apple mac_os_x 10.2.2
redhat enterprise_linux_desktop 3.0
redhat linux_advanced_workstation 2.1
kde kde 3.2.3
apple mac_os_x 10.2.5
apple mac_os_x 10.3.1
apple mac_os_x_server 10.3.6
apple mac_os_x_server 10.2.4
apple mac_os_x_server 10.2.8
apple mac_os_x 10.3.6
apple mac_os_x 10.3.2
apple mac_os_x 10.3.3
pdflib pdf_library 5.0.2
apple mac_os_x 10.3
apple mac_os_x_server 10.3.2
apple mac_os_x 10.3.4
libtiff libtiff 3.5.7
kde kde 3.2.2
suse suse_linux 9.1
apple mac_os_x_server 10.2.6
trustix secure_linux 2.0
apple mac_os_x 10.2.1
kde kde 3.3.1
apple mac_os_x_server 10.3.1
trustix secure_linux 1.5
apple mac_os_x_server 10.3.4
apple mac_os_x_server 10.2.1
apple mac_os_x_server 10.2.2
suse suse_linux 8.2
libtiff libtiff 3.5.2
apple mac_os_x 10.2.6
apple mac_os_x 10.2.8
wxgtk2 wxgtk2 2.5_.0
apple mac_os_x_server 10.2.3
libtiff libtiff 3.5.1
redhat enterprise_linux 2.1
apple mac_os_x_server 10.2.7
libtiff libtiff 3.5.3
suse suse_linux 9.0
redhat fedora_core core_2.0
suse suse_linux 8
CVE-2004-0866 HIGH

Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.1
kde konqueror 3.0.5b
kde konqueror 3.1.5
kde konqueror 3.0.3
kde konqueror 3.2.3
kde konqueror 3.0.2
kde konqueror 2.2.1
kde konqueror 3.0.5
kde konqueror 3.1.2
microsoft internet_explorer 6.0
mozilla firefox 0.9.2
kde konqueror 2.2.2
kde konqueror 3.1
kde konqueror 3.1.1
kde konqueror 2.1.1
suse suse_linux 1.0
kde konqueror 3.0.1
suse suse_linux 8.2
microsoft ie 6.0
kde konqueror 3.2.1
kde konqueror 3.1.3
kde konqueror 3.1.4
suse suse_linux 9.0
suse suse_linux 8
kde konqueror 2.1.2
kde konqueror 3.0
CVE-2004-0867 HIGH

Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264

Products Affected

Vendor Product Version
suse suse_linux 8.1
kde konqueror 3.0.5b
kde konqueror 3.1.5
kde konqueror 3.0.3
kde konqueror 3.2.3
kde konqueror 3.0.2
kde konqueror 2.2.1
kde konqueror 3.0.5
kde konqueror 3.1.2
microsoft internet_explorer 6.0
mozilla firefox 0.9.2
kde konqueror 2.2.2
kde konqueror 3.1
kde konqueror 3.1.1
kde konqueror 2.1.1
suse suse_linux 1.0
kde konqueror 3.0.1
suse suse_linux 8.2
microsoft ie 6.0
kde konqueror 3.2.1
kde konqueror 3.1.3
kde konqueror 3.1.4
suse suse_linux 9.0
suse suse_linux 8
kde konqueror 2.1.2
kde konqueror 3.0
CVE-2004-0870 MEDIUM

KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde konqueror 3.1
kde konqueror 3.0.5b
kde konqueror 3.1.1
kde konqueror 2.1.1
kde konqueror 3.0.1
kde konqueror 3.1.5
kde konqueror 3.0.3
kde konqueror 3.2.3
kde konqueror 3.2.1
kde konqueror 3.0.2
kde konqueror 2.2.1
kde konqueror 3.0.5
kde konqueror 3.1.2
kde konqueror 3.1.3
kde konqueror 3.1.4
kde konqueror 2.2.2
kde konqueror 2.1.2
kde konqueror 3.0
CVE-2004-0886 MEDIUM

Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.1
redhat enterprise_linux 3.0
libtiff libtiff 3.5.5
libtiff libtiff 3.6.0
apple mac_os_x_server 10.2
apple mac_os_x 10.2.7
kde kde 3.2.1
apple mac_os_x 10.2.4
kde kde 3.2
apple mac_os_x_server 10.3
trustix secure_linux 2.1
mandrakesoft mandrake_linux 10.0
libtiff libtiff 3.6.1
kde kde 3.3
suse suse_linux 1.0
libtiff libtiff 3.5.4
apple mac_os_x_server 10.2.5
apple mac_os_x_server 10.3.3
apple mac_os_x_server 10.3.5
apple mac_os_x 10.2
libtiff libtiff 3.4
apple mac_os_x 10.2.3
apple mac_os_x 10.3.5
apple mac_os_x 10.2.2
redhat enterprise_linux_desktop 3.0
redhat linux_advanced_workstation 2.1
kde kde 3.2.3
apple mac_os_x 10.2.5
apple mac_os_x 10.3.1
apple mac_os_x_server 10.3.6
apple mac_os_x_server 10.2.4
apple mac_os_x_server 10.2.8
apple mac_os_x 10.3.6
apple mac_os_x 10.3.2
wxgtk2 wxgtk2 *
apple mac_os_x 10.3.3
pdflib pdf_library 5.0.2
apple mac_os_x 10.3
apple mac_os_x_server 10.3.2
apple mac_os_x 10.3.4
libtiff libtiff 3.5.7
kde kde 3.2.2
suse suse_linux 9.1
apple mac_os_x_server 10.2.6
trustix secure_linux 2.0
apple mac_os_x 10.2.1
kde kde 3.3.1
apple mac_os_x_server 10.3.1
trustix secure_linux 1.5
apple mac_os_x_server 10.3.4
apple mac_os_x_server 10.2.1
apple mac_os_x_server 10.2.2
suse suse_linux 8.2
libtiff libtiff 3.5.2
apple mac_os_x 10.2.6
apple mac_os_x 10.2.8
wxgtk2 wxgtk2 2.5_.0
apple mac_os_x_server 10.2.3
libtiff libtiff 3.5.1
redhat enterprise_linux 2.1
apple mac_os_x_server 10.2.7
libtiff libtiff 3.5.3
suse suse_linux 9.0
redhat fedora_core core_2.0
suse suse_linux 8
CVE-2004-0888 HIGH

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.1
easy_software_products cups 1.1.13
kde koffice 1.3_beta3
suse suse_linux 8.0
kde koffice 1.3.2
redhat enterprise_linux 3.0
ubuntu ubuntu_linux 4.1
kde kde 3.2.1
xpdf xpdf 1.1
easy_software_products cups 1.1.19
xpdf xpdf 0.92
kde kde 3.2
xpdf xpdf 2.0
kde kpdf 3.2
gnome gpdf 0.131
easy_software_products cups 1.1.16
kde kde 3.3
easy_software_products cups 1.1.20
kde koffice 1.3_beta1
easy_software_products cups 1.1.14
easy_software_products cups 1.1.7
pdftohtml pdftohtml 0.34
easy_software_products cups 1.1.18
easy_software_products cups 1.1.19_rc5
suse suse_linux 9.2
redhat enterprise_linux_desktop 3.0
easy_software_products cups 1.1.17
kde koffice 1.3.1
redhat linux_advanced_workstation 2.1
kde kde 3.2.3
xpdf xpdf 0.93
easy_software_products cups 1.1.12
pdftohtml pdftohtml 0.36
pdftohtml pdftohtml 0.33
xpdf xpdf 0.91
xpdf xpdf 2.1
kde koffice 1.3
kde koffice 1.3.3
tetex tetex 2.0.2
gnome gpdf 0.112
pdftohtml pdftohtml 0.35
gentoo linux *
easy_software_products cups 1.0.4
easy_software_products cups 1.1.4_5
xpdf xpdf 2.3
tetex tetex 1.0.7
easy_software_products cups 1.1.1
kde kde 3.2.2
suse suse_linux 9.1
pdftohtml pdftohtml 0.32a
xpdf xpdf 3.0
easy_software_products cups 1.1.15
pdftohtml pdftohtml 0.33a
kde kde 3.3.1
tetex tetex 2.0.1
easy_software_products cups 1.0.4_8
easy_software_products cups 1.1.6
tetex tetex 2.0
suse suse_linux 8.2
debian debian_linux 3.0
easy_software_products cups 1.1.4
easy_software_products cups 1.1.4_3
xpdf xpdf 1.0a
redhat enterprise_linux 2.1
kde koffice 1.3_beta2
easy_software_products cups 1.1.4_2
pdftohtml pdftohtml 0.32b
suse suse_linux 9.0
redhat fedora_core core_2.0
easy_software_products cups 1.1.10
xpdf xpdf 1.0
xpdf xpdf 0.90
CVE-2004-0889 HIGH

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.1
easy_software_products cups 1.1.13
kde koffice 1.3_beta3
suse suse_linux 8.0
kde koffice 1.3.2
redhat enterprise_linux 3.0
ubuntu ubuntu_linux 4.1
kde kde 3.2.1
xpdf xpdf 1.1
easy_software_products cups 1.1.19
xpdf xpdf 0.92
kde kde 3.2
xpdf xpdf 2.0
kde kpdf 3.2
gnome gpdf 0.131
easy_software_products cups 1.1.16
kde kde 3.3
easy_software_products cups 1.1.20
kde koffice 1.3_beta1
easy_software_products cups 1.1.14
easy_software_products cups 1.1.7
pdftohtml pdftohtml 0.34
easy_software_products cups 1.1.18
easy_software_products cups 1.1.19_rc5
suse suse_linux 9.2
redhat enterprise_linux_desktop 3.0
easy_software_products cups 1.1.17
kde koffice 1.3.1
redhat linux_advanced_workstation 2.1
kde kde 3.2.3
xpdf xpdf 0.93
easy_software_products cups 1.1.12
pdftohtml pdftohtml 0.36
pdftohtml pdftohtml 0.33
xpdf xpdf 0.91
xpdf xpdf 2.1
kde koffice 1.3
kde koffice 1.3.3
tetex tetex 2.0.2
gnome gpdf 0.112
pdftohtml pdftohtml 0.35
gentoo linux *
easy_software_products cups 1.0.4
easy_software_products cups 1.1.4_5
xpdf xpdf 2.3
tetex tetex 1.0.7
easy_software_products cups 1.1.1
kde kde 3.2.2
suse suse_linux 9.1
pdftohtml pdftohtml 0.32a
xpdf xpdf 3.0
easy_software_products cups 1.1.15
pdftohtml pdftohtml 0.33a
kde kde 3.3.1
tetex tetex 2.0.1
easy_software_products cups 1.0.4_8
easy_software_products cups 1.1.6
tetex tetex 2.0
suse suse_linux 8.2
debian debian_linux 3.0
easy_software_products cups 1.1.4
easy_software_products cups 1.1.4_3
xpdf xpdf 1.0a
redhat enterprise_linux 2.1
kde koffice 1.3_beta2
easy_software_products cups 1.1.4_2
pdftohtml pdftohtml 0.32b
suse suse_linux 9.0
redhat fedora_core core_2.0
easy_software_products cups 1.1.10
xpdf xpdf 1.0
xpdf xpdf 0.90
CVE-2004-1125 HIGH

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20

Products Affected

Vendor Product Version
easy_software_products cups 1.1.20
kde kde 3.2.3
kde kde 3.3.2
xpdf xpdf 3.0
CVE-2004-1158 HIGH

Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde konqueror 3.0.5b
kde konqueror 3.3.2
kde konqueror 3.1.5
kde konqueror 3.0.3
kde konqueror 3.2.3
kde konqueror 3.0.2
kde konqueror 2.2.1
kde konqueror 3.0.5
kde konqueror 3.1.2
mandrakesoft mandrake_linux 10.0
kde konqueror 2.2.2
kde konqueror 3.2.2.6
kde konqueror 3.3
kde konqueror 3.1
redhat fedora_core core_3.0
kde konqueror 3.1.1
kde konqueror 2.1.1
kde konqueror 3.0.1
mandrakesoft mandrake_linux 10.1
kde konqueror 3.2.1
kde konqueror 3.3.1
kde konqueror 3.1.3
kde konqueror 3.1.4
redhat fedora_core core_2.0
kde konqueror 2.1.2
kde konqueror 3.0
CVE-2004-1165 HIGH

Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kdelibs 3.1.5
kde konqueror 3.3.1
kde kdelibs 3.1.3
kde kdelibs 3.1.4
kde kdelibs 3.2
kde kdelibs 3.1.1
kde kdelibs 3.1
kde kdelibs 3.1.2
kde kdelibs 3.2.2
kde kdelibs 3.2.1
CVE-2004-1171 LOW

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials in plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.2.2
kde kde 3.3
redhat fedora_core core_3.0
kde kde 3.2.3
kde kde 3.3.2
kde kde 3.3.1
kde kde 3.2
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.0
redhat fedora_core core_2.0
kde kde 3.2.1
CVE-2004-1491 MEDIUM

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse suse_linux 8.1
suse suse_linux 8.0
suse suse_linux 2.0
gentoo linux *
suse suse_linux 5.0
suse suse_linux 7.3
suse suse_linux 5.1
opera opera_browser *
suse suse_linux 7.2
suse suse_linux 9.1
suse suse_linux 4.2
suse suse_linux 3.0
suse suse_linux 6.2
suse suse_linux 7.1
suse suse_linux 6.1
suse suse_linux 1.0
suse suse_linux 4.4
suse suse_linux 6.0
suse suse_linux 6.3
suse suse_linux 8.2
suse suse_linux 4.0
suse suse_linux 9.2
kde kde 3.2.3
suse suse_linux 4.3
suse suse_linux 5.3
suse suse_linux 4.4.1
suse suse_linux 6.4
suse suse_linux 7.0
suse suse_linux 9.0
suse suse_linux 5.2
CVE-2005-0011 HIGH

Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.3
kde kde 3.3.2
kde kde 3.3.1
CVE-2005-0078 MEDIUM

The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.0.3
kde kde 2.0
redhat enterprise_linux 3.0
kde kde 3.0_beta_1
kde kde 3.0.4
kde kde 3.0
kde kde 1.1.2
kde kde 1.1.1
kde kde 1.0
kde kde 2.1_beta1
kde kde 2.1
kde kde 3.0.1
kde kde 2.2
kde kde 1.1
kde kde 2.0.1
kde kde 2.1_beta2
kde kde 3.0_beta_2
debian debian_linux 3.0
redhat enterprise_linux_desktop 3.0
redhat linux_advanced_workstation 2.1
redhat enterprise_linux 2.1
kde kde 2.2.1
kde kde 3.0.2
kde kde 2.2_beta1
CVE-2005-0205 MEDIUM

KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.1.4
kde kde 3.1.3
kde kde 3.1.1
kde kde 3.1.5
kde kde 3.1
bernd_wuebben kppp 2.1.2
kde kde 3.1.2
CVE-2005-0206 HIGH

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 9.0
easy_software_products cups 1.1.13
suse suse_linux 8.0
redhat enterprise_linux 3.0
suse suse_linux 2.0
suse suse_linux 5.0
suse suse_linux 7.3
suse suse_linux 5.1
ubuntu ubuntu_linux 4.1
easy_software_products cups 1.1.19
kde kde 3.2
kde kpdf 3.2
suse suse_linux 6.2
kde kde 3.3
redhat fedora_core core_3.0
redhat fedora_core core_1.0
pdftohtml pdftohtml 0.34
suse suse_linux 9.2
kde koffice 1.3.1
xpdf xpdf 0.93
easy_software_products cups 1.1.12
suse suse_linux 4.3
suse suse_linux 5.3
suse suse_linux 6.4
pdftohtml pdftohtml 0.36
pdftohtml pdftohtml 0.33
xpdf xpdf 0.91
xpdf xpdf 2.1
kde koffice 1.3
gnome gpdf 0.110
kde koffice 1.3.3
pdftohtml pdftohtml 0.35
gentoo linux *
easy_software_products cups 1.0.4
easy_software_products cups 1.1.4_5
xpdf xpdf 2.3
tetex tetex 1.0.7
easy_software_products cups 1.1.1
cstex cstetex 2.0.2
suse suse_linux 9.1
easy_software_products cups 1.1.15
pdftohtml pdftohtml 0.33a
tetex tetex 2.0.1
easy_software_products cups 1.0.4_8
easy_software_products cups 1.1.6
suse suse_linux 8.2
sgi advanced_linux_environment 3.0
easy_software_products cups 1.1.4
suse suse_linux 9.0
easy_software_products cups 1.1.10
suse suse_linux 5.2
suse suse_linux 8.1
ascii ptex 3.1.4
kde koffice 1.3_beta3
kde koffice 1.3.2
tetex tetex 1.0.6
kde kde 3.2.1
xpdf xpdf 1.1
suse suse_linux 7.2
xpdf xpdf 0.92
suse suse_linux 4.2
xpdf xpdf 2.0
gnome gpdf 0.131
easy_software_products cups 1.1.16
easy_software_products cups 1.1.20
kde koffice 1.3_beta1
suse suse_linux 7.1
easy_software_products cups 1.1.14
easy_software_products cups 1.1.7
suse suse_linux 1.0
suse suse_linux 4.4
sgi propack 3.0
easy_software_products cups 1.1.18
easy_software_products cups 1.1.19_rc5
redhat enterprise_linux_desktop 3.0
easy_software_products cups 1.1.17
redhat linux_advanced_workstation 2.1
kde kde 3.2.3
tetex tetex 2.0.2
gnome gpdf 0.112
kde kde 3.2.2
pdftohtml pdftohtml 0.32a
xpdf xpdf 3.0
suse suse_linux 3.0
kde kde 3.3.1
suse suse_linux 6.1
suse suse_linux 6.0
tetex tetex 2.0
suse suse_linux 6.3
suse suse_linux 4.0
debian debian_linux 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
easy_software_products cups 1.1.4_3
xpdf xpdf 1.0a
redhat enterprise_linux 2.1
kde koffice 1.3_beta2
suse suse_linux 4.4.1
easy_software_products cups 1.1.4_2
pdftohtml pdftohtml 0.32b
suse suse_linux 7.0
redhat fedora_core core_2.0
xpdf xpdf 1.0
xpdf xpdf 0.90
CVE-2005-0237 MEDIUM

The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde konqueror 3.2.1
kde kde 3.2.1
CVE-2005-0365 LOW

The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.3.x
kde kde 3.2.x
CVE-2005-0396 LOW

Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde desktop_communication_protocol_daemon *
kde dcopserver *
CVE-2005-0404 MEDIUM

KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.3.2
kmail kmail 1.7.1
CVE-2005-0754 HIGH

Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.3
redhat fedora_core core_3.0
kde kde 3.3.1
ubuntu ubuntu_linux 5.04
kde quanta 3.1
gentoo linux *
conectiva linux 10.0
ubuntu ubuntu_linux 4.1
kde kde 3.2.1
kde kde 3.2.2
kde kde 3.2.3
kde kde 3.4
kde kde 3.3.2
kde kde 3.2
conectiva linux 9.0
CVE-2005-1046 HIGH

Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.4.0
CVE-2005-1852 HIGH

Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
kde kde 3.3
kde kde 3.4.0
kde kde 3.3.1
ekg ekg 1.3
ekg ekg 1.0_rc3
ekg ekg 1.0
ekg ekg 1.4
kadu kadu *
centericq centericq *
ekg ekg 1.5_rc1
kde kde 3.2.3
kde kde 3.4
kde kde 3.3.2
ekg ekg 1.1
kde kde 3.4.1
ekg ekg 1.5
ekg ekg 1.5_rc2
ekg ekg 1.0_rc2
ekg ekg 1.1_rc2
ekg ekg 1.1_rc1
CVE-2005-1920 MEDIUM

The (1) Kate and (2) Kwrite applications in KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-281,

Products Affected

Vendor Product Version
kde kde *
debian debian_linux 3.1
CVE-2005-2097 LOW

xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kpdf *
xpdf xpdf 3.0_pl3
xpdf xpdf 3.0
xpdf xpdf 3.0_pl2
CVE-2005-2101 MEDIUM

langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.1.4
kde kde 3.0.3
kde kde 3.0.5a
kde kde 3.1.1
kde kde 3.0.4
kde kde 3.1.5
kde kde 3.0
kde kde 3.1
kde kde 3.2.1
kde kde 3.2.2
kde kde 3.1_alpha1
kde kde 3.2
kde kde 3.1.2
kde kde 3.3
kde kde 3.0.1
kde kde 3.3.1
kde kde 3.0.5
kde kde 3.2.0_beta1
kde kde 3.4.2
kde kde 3.2.3
kde kde 3.4
kde kde 3.3.2
kde kde 3.4.1
kde kde 3.1.3
kde kde 3.1_beta2
kde kde 3.1_beta1
kde kde 3.0.2
CVE-2005-2494 HIGH

kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.2.2
kde kde 3.2.3
kde kde 3.3.2
kde kde 3.4.0
kde kde 3.2.0
kde kde 3.3.1
kde kde 3.4.1
kde kde 3.3.0
kde kde 3.2.1
kde kde 3.4.2
CVE-2005-2971 HIGH

Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde koffice 1.4.1
kde koffice 1.3_beta1
kde koffice 1.3_beta3
kde koffice 1.3
kde koffice 1.3.2
kde koffice 1.3.3
kde koffice 1.3.4
kde koffice 1.3.5
kde koffice 1.3.1
kde koffice 1.3_beta2
kde koffice 1.2.1
kde koffice 1.2
kde koffice 1.4
CVE-2005-3624 MEDIUM

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
redhat linux 9.0
redhat enterprise_linux 3.0
libextractor libextractor *
slackware slackware_linux 10.0
conectiva linux 10.0
ubuntu ubuntu_linux 4.1
redhat enterprise_linux 4.0
turbolinux turbolinux_workstation 8.0
poppler poppler 0.4.2
turbolinux turbolinux_personal *
kde kpdf 3.2
slackware slackware_linux 9.1
redhat fedora_core core_3.0
kde kword 1.4.2
redhat fedora_core core_1.0
suse suse_linux 1.0
sgi propack 3.0
redhat enterprise_linux_desktop 4.0
mandrakesoft mandrake_linux_corporate_server 2.1
suse suse_linux 9.2
redhat enterprise_linux_desktop 3.0
redhat linux_advanced_workstation 2.1
suse suse_linux 10.0
turbolinux turbolinux fuji
turbolinux turbolinux_server 10.0
easy_software_products cups 1.1.23_rc1
turbolinux turbolinux_desktop 10.0
easy_software_products cups 1.1.22
kde koffice 1.4
kde koffice 1.4.1
slackware slackware_linux 10.1
redhat linux 7.3
turbolinux turbolinux_multimedia *
kde kpdf 3.4.3
suse suse_linux 9.3
tetex tetex 2.0.2
ubuntu ubuntu_linux 5.10
gentoo linux *
tetex tetex 3.0
slackware slackware_linux 10.2
tetex tetex 1.0.7
kde koffice 1.4.2
turbolinux turbolinux_server 10.0_x86
turbolinux turbolinux_appliance_server 1.0_hosting_edition
suse suse_linux 9.1
trustix secure_linux 2.2
sco openserver 5.0.7
trustix secure_linux 2.0
xpdf xpdf 3.0
mandrakesoft mandrake_linux 2006
slackware slackware_linux 9.0
trustix secure_linux 3.0
turbolinux turbolinux_home *
kde kdegraphics 3.4.3
easy_software_products cups 1.1.22_rc1
tetex tetex 2.0.1
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
ubuntu ubuntu_linux 5.04
tetex tetex 2.0
mandrakesoft mandrake_linux 10.1
easy_software_products cups 1.1.23
redhat fedora_core core_4.0
turbolinux turbolinux 10
kde kdegraphics 3.2
debian debian_linux 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 2.1
turbolinux turbolinux_server 8.0
suse suse_linux 9.0
redhat fedora_core core_2.0
sco openserver 6.0
mandrakesoft mandrake_linux 10.2
debian debian_linux 3.1
CVE-2005-3625 HIGH

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
redhat linux 9.0
redhat enterprise_linux 3.0
libextractor libextractor *
slackware slackware_linux 10.0
conectiva linux 10.0
ubuntu ubuntu_linux 4.1
redhat enterprise_linux 4.0
turbolinux turbolinux_workstation 8.0
poppler poppler 0.4.2
turbolinux turbolinux_personal *
kde kpdf 3.2
slackware slackware_linux 9.1
redhat fedora_core core_3.0
kde kword 1.4.2
redhat fedora_core core_1.0
suse suse_linux 1.0
sgi propack 3.0
redhat enterprise_linux_desktop 4.0
mandrakesoft mandrake_linux_corporate_server 2.1
suse suse_linux 9.2
redhat enterprise_linux_desktop 3.0
redhat linux_advanced_workstation 2.1
suse suse_linux 10.0
turbolinux turbolinux fuji
turbolinux turbolinux_server 10.0
easy_software_products cups 1.1.23_rc1
turbolinux turbolinux_desktop 10.0
easy_software_products cups 1.1.22
kde koffice 1.4
kde koffice 1.4.1
slackware slackware_linux 10.1
redhat linux 7.3
turbolinux turbolinux_multimedia *
kde kpdf 3.4.3
suse suse_linux 9.3
tetex tetex 2.0.2
ubuntu ubuntu_linux 5.10
gentoo linux *
tetex tetex 3.0
slackware slackware_linux 10.2
tetex tetex 1.0.7
kde koffice 1.4.2
turbolinux turbolinux_server 10.0_x86
turbolinux turbolinux_appliance_server 1.0_hosting_edition
suse suse_linux 9.1
trustix secure_linux 2.2
sco openserver 5.0.7
trustix secure_linux 2.0
xpdf xpdf 3.0
mandrakesoft mandrake_linux 2006
slackware slackware_linux 9.0
trustix secure_linux 3.0
turbolinux turbolinux_home *
kde kdegraphics 3.4.3
easy_software_products cups 1.1.22_rc1
tetex tetex 2.0.1
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
ubuntu ubuntu_linux 5.04
tetex tetex 2.0
mandrakesoft mandrake_linux 10.1
easy_software_products cups 1.1.23
redhat fedora_core core_4.0
turbolinux turbolinux 10
kde kdegraphics 3.2
debian debian_linux 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 2.1
turbolinux turbolinux_server 8.0
suse suse_linux 9.0
redhat fedora_core core_2.0
sco openserver 6.0
mandrakesoft mandrake_linux 10.2
debian debian_linux 3.1
CVE-2005-3626 MEDIUM

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
redhat linux 9.0
redhat enterprise_linux 3.0
libextractor libextractor *
slackware slackware_linux 10.0
conectiva linux 10.0
ubuntu ubuntu_linux 4.1
redhat enterprise_linux 4.0
turbolinux turbolinux_workstation 8.0
poppler poppler 0.4.2
turbolinux turbolinux_personal *
kde kpdf 3.2
slackware slackware_linux 9.1
redhat fedora_core core_3.0
kde kword 1.4.2
redhat fedora_core core_1.0
suse suse_linux 1.0
sgi propack 3.0
redhat enterprise_linux_desktop 4.0
mandrakesoft mandrake_linux_corporate_server 2.1
suse suse_linux 9.2
redhat enterprise_linux_desktop 3.0
redhat linux_advanced_workstation 2.1
suse suse_linux 10.0
turbolinux turbolinux fuji
turbolinux turbolinux_server 10.0
easy_software_products cups 1.1.23_rc1
turbolinux turbolinux_desktop 10.0
easy_software_products cups 1.1.22
kde koffice 1.4
kde koffice 1.4.1
slackware slackware_linux 10.1
redhat linux 7.3
turbolinux turbolinux_multimedia *
kde kpdf 3.4.3
suse suse_linux 9.3
tetex tetex 2.0.2
ubuntu ubuntu_linux 5.10
gentoo linux *
tetex tetex 3.0
slackware slackware_linux 10.2
tetex tetex 1.0.7
kde koffice 1.4.2
turbolinux turbolinux_server 10.0_x86
turbolinux turbolinux_appliance_server 1.0_hosting_edition
suse suse_linux 9.1
trustix secure_linux 2.2
sco openserver 5.0.7
trustix secure_linux 2.0
xpdf xpdf 3.0
mandrakesoft mandrake_linux 2006
slackware slackware_linux 9.0
trustix secure_linux 3.0
turbolinux turbolinux_home *
kde kdegraphics 3.4.3
easy_software_products cups 1.1.22_rc1
tetex tetex 2.0.1
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
ubuntu ubuntu_linux 5.04
tetex tetex 2.0
mandrakesoft mandrake_linux 10.1
easy_software_products cups 1.1.23
redhat fedora_core core_4.0
turbolinux turbolinux 10
kde kdegraphics 3.2
debian debian_linux 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 2.1
turbolinux turbolinux_server 8.0
suse suse_linux 9.0
redhat fedora_core core_2.0
sco openserver 6.0
mandrakesoft mandrake_linux 10.2
debian debian_linux 3.1
CVE-2005-4684 MEDIUM

Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde konqueror 3.1
kde konqueror 3.0.5b
kde konqueror 3.1.1
kde konqueror 2.1.1
kde konqueror 3.3.2
kde konqueror 3.0.1
kde konqueror 3.1.5
kde konqueror 3.0.3
kde konqueror 3.2.3
kde konqueror 3.2.1
kde konqueror 3.0.2
kde konqueror 2.2.1
kde konqueror 3.0.5
kde konqueror 3.3.1
kde konqueror 3.1.2
kde konqueror 0.1
kde konqueror 3.1.3
kde konqueror 3.1.4
kde konqueror 2.2.2
kde konqueror 3.2.2.6
kde konqueror 3.3
kde konqueror 2.1.2
kde konqueror 3.0
CVE-2006-0019 HIGH

Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.3
kde kde 3.5.0
kde kde 3.4.0
kde kde 3.2.0
kde kde 3.3.1
kde kde 3.3.x
kde kde 3.2.x
kde kde 3.2.0_beta1
kde kde 3.2.1
kde kde 3.4.2
kde kde 3.2.2
kde kde 3.2.3
kde kde 3.4
kde kde 3.3.2
kde kde 3.4.1
kde kde 3.2
kde kde 3.3.0
CVE-2006-2449 MEDIUM

KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.3
kde kde 3.3.1
kde kde 3.4.3
kde kde 3.2.1
kde kde 3.4.2
kde kde 3.2.2
kde kde 3.5.2
kde kde 3.2.3
kde kde 3.4
kde kde 3.3.2
kde kde 3.4.1
kde kde 3.5
kde kde 3.2
kde kde 3.5.3
CVE-2006-2916 MEDIUM

artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-273,

Products Affected

Vendor Product Version
kde arts 1.2
kde arts 1.0
CVE-2006-3672 LOW

KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde konqueror 3.0.5b
kde konqueror 3.3.2
kde konqueror 3.1.5
kde konqueror 3.0.3
kde konqueror 3.2.3
kde konqueror 3.0.2
kde konqueror 2.2.1
kde konqueror 3.0.5
kde konqueror 3.1.2
kde konqueror 2.2.2
kde konqueror 3.2.2.6
kde konqueror 3.3
kde konqueror 3.1
kde konqueror 3.1.1
kde konqueror 2.1.1
kde konqueror 3.0.1
kde konqueror *
kde konqueror 3.2.1
kde konqueror 3.2.2
kde konqueror 3.3.1
kde konqueror 3.1.3
kde konqueror 3.1.4
kde konqueror 2.1.2
kde konqueror 3.0
CVE-2006-6811 MEDIUM

KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-617,

Products Affected

Vendor Product Version
canonical ubuntu_linux 5.10
canonical ubuntu_linux 6.10
canonical ubuntu_linux 6.06
kde ksirc 1.3.12
CVE-2010-0436 MEDIUM

Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
kde kde_sc 4.4.0
kde kde_sc 4.3.4
kde kde_sc 4.1.2
kde kde_sc 4.3.1
kde kde_sc 4.2.2
kde kde_sc 2.2.0
kde kde_sc 4.3.0
kde kde_sc 4.3.5
kde kde_sc 3.5.10
kde kde_sc 4.4.2
kde kde_sc 4.4.1
CVE-2010-0923 MEDIUM

Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
kde kde_sc 4.4.0
CVE-2010-1000 MEDIUM

Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
kde kde_sc 4.3.4
kde kde_sc 4.0.2
kde kde_sc 4.2.1
kde kde_sc 4.0.0
kde kde_sc 4.4.3
kde kde_sc 4.3.0
kde kde_sc 4.3.5
kde kde_sc 4.3.3
kde kde_sc 4.4.1
kde kde_sc 4.1.3
kde kde_sc 4.2.4
kde kde_sc 4.0.4
kde kde_sc 4.2.2
kde kde_sc 4.1.0
kde kde_sc 4.1.4
kde kde_sc 4.3.2
kde kde_sc 4.4.0
kde kde_sc 4.1.80
kde kde_sc 4.0.3
kde kde_sc 4.0.5
kde kde_sc 4.2.0
kde kde_sc 4.1.85
kde kde_sc 4.1.1
kde kde_sc 4.2
kde kde_sc 4.4.2
kde kde_sc 4.2.3
kde kde_sc 4.1.2
kde kde_sc 4.3.1
kde kde_sc 4.0.1
kde kde_sc 4.1.96
CVE-2010-1511 MEDIUM

KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
kde kde_sc 4.3.4
kde kde_sc 4.0.2
kde kde_sc 4.2.1
kde kde_sc 4.0.0
kde kde_sc 4.4.3
kde kde_sc 4.3.0
kde kde_sc 4.3.5
kde kde_sc 4.3.3
kde kde_sc 3.5.10
kde kget 2.4.2
kde kde_sc 4.4.1
kde kde_sc 4.1.3
kde kde_sc 4.2.4
kde kde_sc 4.0.4
kde kde_sc 4.2.2
kde kde_sc 2.2.0
kde kde_sc 4.1.0
kde kde_sc 4.1.4
kde kde_sc 4.3.2
kde kde_sc 4.4.0
kde kde_sc 4.1.80
kde kde_sc 4.0.3
kde kde_sc 4.0.5
kde kde_sc 4.2.0
kde kde_sc 4.1.85
kde kde_sc 4.1.1
kde kde_sc 4.2
kde kde_sc 4.4.2
kde kde_sc 4.2.3
kde kde_sc 4.1.2
kde kde_sc 4.3.1
kde kde_sc 4.0.1
kde kde_sc 4.1.96
CVE-2010-2575 MEDIUM

Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
kde kde_sc 4.3.2
kde kde_sc 4.4.0
kde kde_sc 4.3.4
kde kde_sc 4.4.4
kde kde_sc 4.4.5
kde kde_sc 4.4.3
kde kde_sc 4.3.0
kde kde_sc 4.3.5
kde kde_sc 4.3.3
kde kde_sc 4.4.2
kde kde_sc 4.4.1
kde kde_sc 4.5.0
kde kde_sc 4.3.1
CVE-2010-3704 MEDIUM

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
glyphandcog xpdfreader 0.2
poppler poppler 0.14.0
poppler poppler 0.10.2
glyphandcog xpdfreader 2.01
foolabs xpdf 3.02pl3
poppler poppler 0.10.5
poppler poppler 0.9.1
poppler poppler 0.15.1
poppler poppler 0.15.0
foolabs xpdf 0.92e
poppler poppler 0.9.0
poppler poppler 0.13.2
glyphandcog xpdfreader 0.5
poppler poppler 0.12.1
poppler poppler 0.14.5
foolabs xpdf 3.0.1
foolabs xpdf 3.02pl1
foolabs xpdf 0.92c
glyphandcog xpdfreader 0.93
foolabs xpdf 0.91b
foolabs xpdf 0.92d
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 3.01
poppler poppler 0.11.0
glyphandcog xpdfreader 0.80
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 0.92
poppler poppler 0.14.3
foolabs xpdf 0.7a
poppler poppler 0.11.1
poppler poppler 0.14.4
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 1.00
foolabs xpdf 3.02pl2
poppler poppler 0.10.7
poppler poppler 0.12.0
foolabs xpdf 0.92b
foolabs xpdf 0.93a
kde kdegraphics *
poppler poppler 0.14.1
poppler poppler 0.10.0
foolabs xpdf 0.93c
poppler poppler 0.12.4
poppler poppler 0.10.4
glyphandcog xpdfreader 3.02
foolabs xpdf 0.92a
poppler poppler 0.8.7
poppler poppler 0.9.2
poppler poppler 0.10.6
glyphandcog xpdfreader 3.00
poppler poppler 0.13.1
glyphandcog xpdfreader 0.7
poppler poppler 0.11.2
poppler poppler 0.14.2
poppler poppler 0.13.4
poppler poppler 0.13.3
foolabs xpdf 0.91a
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.91
foolabs xpdf 0.5a
poppler poppler 0.10.1
poppler poppler 0.12.3
foolabs xpdf 0.91c
glyphandcog xpdfreader 2.03
poppler poppler 0.12.2
poppler poppler 0.11.3
foolabs xpdf 0.93b
glyphandcog xpdfreader 0.6
glyphandcog xpdfreader *
glyphandcog xpdfreader 2.00
poppler poppler 0.9.3
poppler poppler 0.10.3
poppler poppler 0.13.0
foolabs xpdf 1.00a
glyphandcog xpdfreader 1.01
CVE-2011-1168 MEDIUM

Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
kde kde_sc 4.6.1
kde kde_sc 4.4.0
kde kde_sc 4.4.4
kde kde_sc 4.6.0
kde kde_sc 4.6
kde kde_sc 4.4.5
kde kde_sc 4.5.3
kde kde_sc 4.5.5
kde kde_sc 4.4.3
kde kde_sc 4.4.2
kde kde_sc 4.4.1
kde kde_sc 4.5.1
kde kde_sc 4.5.0
kde kde_sc 4.5.4
kde kde_sc 4.5.2
CVE-2011-1586 MEDIUM

Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
kde kde_sc 4.3.4
kde kde_sc 4.4.4
kde kde_sc 4.0.2
kde kde_sc 4.2.1
kde kde_sc 4.0.0
kde kde_sc 4.6.0
kde kde_sc 4.6
kde kde_sc 4.4.5
kde kde_sc 4.5.3
kde kde_sc 4.5.5
kde kde_sc 4.4.3
kde kde_sc 4.3.0
kde kde_sc 4.3.5
kde kde_sc 4.3.3
kde kde_sc 3.5.10
kde kde_sc 4.4.1
kde kde_sc 4.1.3
kde kde_sc 4.2.4
kde kde_sc 4.5.4
kde kde_sc *
kde kde_sc 4.0.4
kde kde_sc 4.2.2
kde kde_sc 2.2.0
kde kde_sc 4.5.2
kde kde_sc 4.1.0
kde kde_sc 4.1.4
kde kde_sc 4.6.1
kde kde_sc 4.3.2
kde kde_sc 4.4.0
kde kde_sc 4.1.80
kde kde_sc 4.0.3
kde kde_sc 4.0.5
kde kde_sc 4.2.0
kde kde_sc 4.1.85
kde kde_sc 4.1.1
kde kde_sc 4.2
kde kde_sc 4.4.2
kde kde_sc 4.5.1
kde kde_sc 4.2.3
kde kde_sc 4.5.0
kde kde_sc 4.1.2
kde kde_sc 4.3.1
kde kde_sc 4.0.1
kde kde_sc 4.1.96
CVE-2011-3365 MEDIUM

The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
kde kde_sc 4.6.1
kde kde_sc 4.6.5
kde kde_sc 4.6.2
kde kde_sc 4.7.1
kde kde_sc 4.6.0
kde kde_sc 4.7.0
kde kde_sc 4.6.3
kde kde_sc 4.6.4
CVE-2011-5054 MEDIUM

kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended side effects, via an arbitrary valid PAM service name, a different vulnerability than CVE-2011-4122. NOTE: the vendor indicates that the possibility of resultant privilege escalation may be "a bit far-fetched."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
kde kcheckpass *
CVE-2012-3455 HIGH

Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
kde koffice 1.4.1
kde koffice 1.3
kde koffice 1.3.2
kde koffice 1.3.3
kde koffice 1.3.4
kde koffice 1.3.5
kde koffice 1.6.1
kde koffice 1.4.2
kde koffice 1.3.1
kde koffice *
kde koffice 1.2.1
kde koffice 1.2
kde koffice 1.4
CVE-2012-4512 MEDIUM

The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-843,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server_eus 6.3
kde kde 4.7.3
redhat enterprise_linux 6.0
CVE-2013-2074 MEDIUM

kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
kde kdelibs 4.10.2
kde kdelibs 4.10.1
kde kdelibs 4.10.0
kde kdelibs *
CVE-2013-2120 LOW

The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

CVSS 2.0

Severity: LOW

Problem Type: CWE-287,

Products Affected

Vendor Product Version
kde paste_applet *
CVE-2013-2213 LOW

The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-327,

Products Affected

Vendor Product Version
kde paste_applet *
CVE-2013-4132 MEDIUM

KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enabled, to KDM or (4) an invalid password to KCheckPass.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
kde kde_sc *
opensuse opensuse 12.2
kde kde-workspace *
CVE-2013-4133 HIGH

kde-workspace before 4.10.5 has a memory leak in plasma desktop.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-404,

Products Affected

Vendor Product Version
debian debian_linux 8.0
kde kde-workspace *
CVE-2013-7252 MEDIUM

kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a codebook attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
kde kde_applications *
CVE-2014-3494 MEDIUM

kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
kde kdelibs 4.12.0
kde kdelibs 4.12.1
kde kdelibs 4.11.97
opensuse opensuse 13.1
kde kdelibs 4.11.0
kde kdelibs 4.11.80
kde kdelibs 4.12.90
kde kdelibs 4.12.95
kde kdelibs 4.12.4
kde kdelibs 4.11.2
kde kdelibs 4.13.1
kde kdelibs 4.12.2
kde kdelibs 4.12.97
kde kdelibs 4.11.5
kde kdelibs 4.12.3
kde kdelibs 4.10.97
kde kdelibs 4.11.3
kde kdelibs 4.12.5
kde kdelibs 4.12.80
kde kdelibs 4.13.0
kde kdelibs 4.11.1
kde kdelibs 4.11.4
kde kdelibs 4.11.90
kde kdelibs 4.11.95
CVE-2014-5033 MEDIUM

KDE kdelibs before 4.14 and kauth before 5.1 do not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
kde kdelibs 4.12.0
kde kdelibs 4.10.3
kde kdelibs 4.10.0
kde kdelibs *
kde kdelibs 4.12.1
kde kdelibs 4.11.97
kde kdelibs 4.11.0
kde kdelibs 4.11.80
kde kdelibs 4.10.2
kde kdelibs 4.12.90
kde kdelibs 4.12.95
kde kdelibs 4.12.4
kde kdelibs 4.11.2
kde kdelibs 4.13.90
kde kdelibs 4.13.1
kde kdelibs 4.13.2
kde kdelibs 4.12.2
kde kdelibs 4.12.97
kde kdelibs 4.11.5
kde kdelibs 4.12.3
kde kdelibs 4.10.1
kde kdelibs 4.10.97
kde kdelibs 4.11.3
canonical ubuntu_linux 14.04
kde kauth *
kde kdelibs 4.12.5
kde kdelibs 4.12.80
kde kdelibs 4.10.95
kde kdelibs 4.13.0
kde kdelibs 4.11.1
debian kde4libs -
kde kdelibs 4.11.4
kde kdelibs 4.13.80
kde kdelibs 4.13.95
kde kdelibs 4.11.90
kde kdelibs 4.11.95
kde kdelibs 4.13.3
canonical ubuntu_linux 12.04
CVE-2014-8600 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the (1) zip, (2) trash, (3) tar, (4) thumbnail, (5) smtps, (6) smtp, (7) smb, (8) remote, (9) recentdocuments, (10) nntps, (11) nntp, (12) network, (13) mbox, (14) ldaps, (15) ldap, (16) fonts, (17) file, (18) desktop, (19) cgi, (20) bookmarks, or (21) ar scheme, which is not properly handled in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
urs_wolfer kwebkitpart *
kde kde-runtime *
kde kio-extras *
opensuse opensuse 13.1
CVE-2014-8651 HIGH

The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
kde plasma-desktop *
kde kde-workspace *
CVE-2014-8878 MEDIUM

KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
kde kmail 4.11.5
CVE-2015-1307 MEDIUM

plasma-workspace before 5.1.95 allows remote attackers to obtain passwords via a Trojan horse Look and Feel package.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
kde plasma-workspace *
CVE-2015-1308 MEDIUM

kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allow remote attackers to obtain input events, and consequently obtain passwords, by leveraging access to the X server when the screen is locked.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
kde plasma-workspace *
kde kde-workspace *
CVE-2015-7543 MEDIUM

aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
kde kdelibs *
artsproject arts 1.5.10
CVE-2016-2312 MEDIUM

Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
opensuse leap 42.1
kde kscreenlocker *
fedoraproject fedora 23
kde plasma-workspace *
fedoraproject fedora 22
CVE-2016-3100 LOW

kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
opensuse leap 42.1
opensuse opensuse 13.2
kde kde_frameworks *
CVE-2016-6232 MEDIUM

Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
kde karchives *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.10
CVE-2016-7787 MEDIUM

A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
opensuse leap 42.1
opensuse opensuse 13.2
kde kde-cli-tools -
CVE-2016-7966 HIGH

Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality, although it is possible to include an HTML comment indicator to hide content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
fedoraproject fedora 25
debian debian_linux 8.0
suse linux_enterprise 12.0
kde kmail *
CVE-2016-7967 MEDIUM

KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated HTML is executed in the local file security context by default access to remote and local URLs was enabled.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,CWE-284,

Products Affected

Vendor Product Version
kde kmail *
CVE-2016-7968 HIGH

KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
kde kmail *
CVE-2017-17689 MEDIUM

The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
microsoft outlook 2010
9folders nine -
horde horde_imp -
kde kmail -
gnome evolution -
bloop airmail -
microsoft outlook 2007
apple mail -
flipdogsolutions maildroid -
r2mail2 r2mail2 -
google gmail -
kde trojita -
mozilla thunderbird -
ritlabs the_bat -
emclient emclient -
microsoft outlook 2013
microsoft outlook 2016
freron mailmate -
postbox-inc postbox -
ibm notes -
CVE-2017-5330 MEDIUM

ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,

Products Affected

Vendor Product Version
fedoraproject fedora 25
kde ark *
CVE-2017-6410 MEDIUM

kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
kde kio *
kde kdelibs *
CVE-2017-8422 HIGH

KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-290,

Products Affected

Vendor Product Version
kde kdelibs *
kde kauth *
CVE-2017-9604 MEDIUM

KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,

Products Affected

Vendor Product Version
kde messagelib *
kde kmail *
CVE-2018-1000801 MEDIUM

okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in arbitrary file creation on the user workstation. This attack appears to be exploitable when the victim opens a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
kde okular *
CVE-2018-10361 HIGH

An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one user (who has an unprivileged account but is also able to authenticate as root) writes a text file using Kate into a directory owned by another unprivileged user. The latter unprivileged user conducts a symlink attack to achieve privilege escalation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-668,

Products Affected

Vendor Product Version
kde ktexteditor *
CVE-2018-10380 HIGH

kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-59,

Products Affected

Vendor Product Version
opensuse leap 42.3
debian debian_linux 9.0
opensuse leap 15.0
kde plasma *
CVE-2018-19120 MEDIUM

The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
kde kde_applications *
CVE-2018-19516 MEDIUM

messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
kde kde_applications *
CVE-2018-6790 MEDIUM

An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
kde plasma-workspace *
CVE-2018-6791 HIGH

An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
debian debian_linux 9.0
kde plasma-workspace *
CVE-2019-10732 MEDIUM

In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
kde kmail 5.2.3
debian debian_linux 8.0
CVE-2019-14744 MEDIUM

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 7.0
debian debian_linux 9.0
opensuse backports_sle 15.0
canonical ubuntu_linux 16.04
canonical ubuntu_linux 19.04
debian debian_linux 10.0
kde kconfig *
redhat enterprise_linux_server 7.0
canonical ubuntu_linux 18.04
fedoraproject fedora 30
redhat enterprise_linux_workstation 7.0
fedoraproject fedora 29
CVE-2019-7443 HIGH

KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
opensuse leap 42.3
opensuse leap 15.0
fedoraproject fedora 28
opensuse backports -
fedoraproject fedora 29
kde kauth *
CVE-2020-11880 MEDIUM

An issue was discovered in KDE KMail before 19.12.3. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make KMail attach local files to a composed email message without showing a warning to the user, as demonstrated by an attach=.bash_history value.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kmail *
CVE-2020-12755 LOW

fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
kde kio-extras *
CVE-2020-13152 MEDIUM

A remote user can create a specially crafted M3U media playlist file that, when loaded by the target user, triggers a memory leak whereby Amarok 2.8.0 continues to waste resources over time, eventually allowing attackers to cause a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401,

Products Affected

Vendor Product Version
kde amarok 2.8.0
CVE-2020-15954 MEDIUM

KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
debian debian_linux 9.0
kde kmail 19.12.3
CVE-2020-16116 MEDIUM

In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
debian debian_linux 9.0
kde ark *
canonical ubuntu_linux 18.04
fedoraproject fedora 31
fedoraproject fedora 32
canonical ubuntu_linux 20.04
opensuse leap 15.2
CVE-2020-24654 MEDIUM

In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 1.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
debian debian_linux 9.0
fedoraproject fedora 33
kde ark *
canonical ubuntu_linux 18.04
canonical ubuntu_linux 16.04
fedoraproject fedora 32
canonical ubuntu_linux 20.04
opensuse leap 15.2
CVE-2020-26164 MEDIUM

In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
opensuse leap 15.1
opensuse backports_sle 15.0
kde kdeconnect *
opensuse leap 15.2
CVE-2020-27187 HIGH

An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related commands, while KDE Partition Manager is running. The mount command can then be used to gain full root privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
kde partition_manager *
CVE-2020-9359 MEDIUM

KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 1.8 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 8.0
fedoraproject fedora 30
fedoraproject fedora 31
fedoraproject fedora 32
kde okular *
CVE-2021-28117 MEDIUM

libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover before 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
kde discover *
CVE-2021-31855 MEDIUM

KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a remote server (e.g., an IMAP server) causes KMail to upload the decrypted content of the message to the remote server. With a crafted message, a user could be tricked into decrypting an encrypted message and then deleting an attachment attached to this message. If the attacker has access to the messages stored on the email server, then the attacker could read the decrypted content of the encrypted message. This occurs in ViewerPrivate::deleteAttachment in messageviewer/src/viewer/viewer_p.cpp.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-312,

Products Affected

Vendor Product Version
kde messagelib *
CVE-2021-36083 MEDIUM

KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
kde kimageformats *
CVE-2021-38372 MEDIUM

In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 2.2 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,

Products Affected

Vendor Product Version
kde trojita 0.7
CVE-2021-38373 LOW

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-77,CWE-319,

Products Affected

Vendor Product Version
kde kmail 19.12.3
CVE-2022-23853 MEDIUM

The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the directory of the file that was just opened (due to a misunderstanding of the QProcess API, that was never intended). This can be an untrusted directory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-427,

Products Affected

Vendor Product Version
kde kate *
kde ktexteditor *
CVE-2022-24986 MEDIUM

KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-668,

Products Affected

Vendor Product Version
kde kcron *
CVE-2024-1433 LOW

A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5.93.0. This affects the function EventPluginsManager::enabledPlugins of the file components/calendar/eventpluginsmanager.cpp of the component Theme File Handler. The manipulation of the argument pluginId leads to path traversal. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The patch is named 6cdf42916369ebf4ad5bd876c4dfa0170d7b2f01. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-253407. NOTE: This requires write access to the user's home or the installation of third party global themes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@vuldb.com 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N 1.6 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-22,

Products Affected

Vendor Product Version
kde plasma-workspace *
CVE-2024-36041

KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the session-restore feature to execute arbitrary code as the victim (on the next boot) via earlier use of the /tmp directory.

Products Affected

Vendor Product Version
kde plasma-workspace *