Page 2 of 10 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. Konqueror Embedded y KDE 2.2.2 y anteriores no validan el campo Common Name (CN) en certificados X.509, lo que permitiría que atacantes remotos falsifiquen certificados mediante un ataque "man-in-the-middle". • http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html http://www.debian.org/security/2003/dsa-361 http://www.kde.org/info/security/advisory-20030602-1.txt http://www.redhat.com/support/errata/RHSA-2003-192.html http://www.redhat.com/support/errata/RHSA-2003-193.html http://www.securityfocus.com/archive/1/320707 http://www.securityfocus.com/bid/7520 http://www.turbolinux.com/security/TLSA-2003-36.txt https://access.redhat.com/security/cve/CVE-2003 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. Desbordamiento de búfer en el procesador (parser) DSC 3.0 de GSView usado en KGhostView en KDE 1.1 y KDE 3.0.3a, puede permitir a atacantes causar una denegación de servicio o ejecutar código arbitrario mediante un fichero de entrada PostScript (.ps) modificado. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1 http://www.ciac.org/ciac/bulletins/n-155.shtml http://www.iss.net/security_center/static/11319.php http://www.kde.org/info/security/advisory-20021008-1.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071 http://www.redhat.com/support/errata/RHSA-2002-220.html •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 5

The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. • https://www.exploit-db.com/exploits/19979 https://www.exploit-db.com/exploits/19980 https://www.exploit-db.com/exploits/19981 ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html http://www.redhat.com/support/errata/RHSA-2000-032.html http://www.securityfocus.com/bid/1291 https://exchange.xforce.ibmcloud.com/vulnerabilities/4583 •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 2

Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. • https://www.exploit-db.com/exploits/19970 http://archives.neohapsis.com/archives/bugtraq/2000-05/0353.html http://www.securityfocus.com/bid/1274 •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 1

The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. • https://www.exploit-db.com/exploits/19915 http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html http://www.novell.com/linux/security/advisories/suse_security_announce_50.html http://www.securityfocus.com/bid/1206 •