Page 10 of 90 results (0.011 seconds)

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2005-0365

https://notcve.org/view.php?id=CVE-2005-0365

The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. • http://bugs.kde.org/show_bug.cgi?id=97608 http://fedoranews.org/updates/FEDORA-2005-245.shtml http://marc.info/?l=bugtraq&m=110814653804757&w=2 http://secunia.com/advisories/14254 http://security.gentoo.org/glsa/glsa-200503-14.xml http://securitytracker.com/id?1013525 http://www.kde.org/info/security/advisory-20050316-2.txt http://www.mandriva.com/security/advisories?name=MDKSA-2005:045 http://www.mandriva.com/security/advisories? •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 2

CVE-2005-0237

https://notcve.org/view.php?id=CVE-2005-0237

The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031460.html http://secunia.com/advisories/14162 http://www.kde.org/info/security/advisory-20050316-2.txt http://www.mandriva.com/security/advisories?name=MDKSA-2005:058 http://www.redhat.com/support/errata/RHSA-2005-325.html http://www.securityfocus.com/archive/1/427976/100/0/threaded http://www.securityfocus.com/bid/12461 http://www •

CVSS: 4.6EPSS: 0%CPEs: 28EXPL: 0

CVE-2005-0078

https://notcve.org/view.php?id=CVE-2005-0078

The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session. • http://www.debian.org/security/2005/dsa-660 http://www.redhat.com/support/errata/RHSA-2005-009.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19084 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9260 https://access.redhat.com/security/cve/CVE-2005-0078 https://bugzilla.redhat.com/show_bug.cgi?id=1617445 •

CVSS: 5.0EPSS: 4%CPEs: 35EXPL: 1

CVE-2004-1491 – Opera Web Browser 7.54 - 'KDE KFMCLIENT' Remote Command Execution

https://notcve.org/view.php?id=CVE-2004-1491

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. • https://www.exploit-db.com/exploits/24828 http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html http://secunia.com/advisories/13447 http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml http://www.opera.com/linux/changelogs/754u2 http://www.securityfocus.com/bid/11901 http://www.zone-h.org/advisories/read/id=6503 https://exchange.xforce.ibmcloud.com/vulnerabilities/18457 •

CVSS: 9.3EPSS: 6%CPEs: 4EXPL: 0

CVE-2004-1125

https://notcve.org/view.php?id=CVE-2004-1125

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html http://marc.info/?t=110378596500001&r=1&w=2 http://secunia.com/advisories/17277 http://securitytracker.com/id?1012646 http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml http://www.gentoo.org&# • CWE-20: Improper Input Validation •