CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2003-0370
https://notcve.org/view.php?id=CVE-2003-0370
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. Konqueror Embedded y KDE 2.2.2 y anteriores no validan el campo Common Name (CN) en certificados X.509, lo que permitiría que atacantes remotos falsifiquen certificados mediante un ataque "man-in-the-middle". • http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html http://www.debian.org/security/2003/dsa-361 http://www.kde.org/info/security/advisory-20030602-1.txt http://www.redhat.com/support/errata/RHSA-2003-192.html http://www.redhat.com/support/errata/RHSA-2003-193.html http://www.securityfocus.com/archive/1/320707 http://www.securityfocus.com/bid/7520 http://www.turbolinux.com/security/TLSA-2003-36.txt https://access.redhat.com/security/cve/CVE-2003 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2002-1223
https://notcve.org/view.php?id=CVE-2002-1223
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. Desbordamiento de búfer en el procesador (parser) DSC 3.0 de GSView usado en KGhostView en KDE 1.1 y KDE 3.0.3a, puede permitir a atacantes causar una denegación de servicio o ejecutar código arbitrario mediante un fichero de entrada PostScript (.ps) modificado. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1 http://www.ciac.org/ciac/bulletins/n-155.shtml http://www.iss.net/security_center/static/11319.php http://www.kde.org/info/security/advisory-20021008-1.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071 http://www.redhat.com/support/errata/RHSA-2002-220.html •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 2CVE-2000-0460 – KDE 1.1/1.1.1/1.1.2/1.2 - kdesud DISPLAY Environment Variable Overflow
https://notcve.org/view.php?id=CVE-2000-0460
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. • https://www.exploit-db.com/exploits/19970 http://archives.neohapsis.com/archives/bugtraq/2000-05/0353.html http://www.securityfocus.com/bid/1274 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 1CVE-2000-0393 – KDE 1.1/1.1.1/1.2/2.0 kscd - SHELL Environmental Variable
https://notcve.org/view.php?id=CVE-2000-0393
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. • https://www.exploit-db.com/exploits/19915 http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html http://www.novell.com/linux/security/advisories/suse_security_announce_50.html http://www.securityfocus.com/bid/1206 •