Page 2 of 11 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. Konqueror Embedded y KDE 2.2.2 y anteriores no validan el campo Common Name (CN) en certificados X.509, lo que permitiría que atacantes remotos falsifiquen certificados mediante un ataque "man-in-the-middle". • http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html http://www.debian.org/security/2003/dsa-361 http://www.kde.org/info/security/advisory-20030602-1.txt http://www.redhat.com/support/errata/RHSA-2003-192.html http://www.redhat.com/support/errata/RHSA-2003-193.html http://www.securityfocus.com/archive/1/320707 http://www.securityfocus.com/bid/7520 http://www.turbolinux.com/security/TLSA-2003-36.txt https://access.redhat.com/security/cve/CVE-2003 •

CVSS: 7.5EPSS: 15%CPEs: 18EXPL: 0

KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer. KDE 2 y KDE 3.1.1 y versiones 3.x anteriores permiten a atacantes ejecutar comandos arbitrarios mediante ficheros PostScript (PS) o PDF, relacionado con la falta de argumentos -dSAFER y -dPARANOIDSAFER • http://bugs.kde.org/show_bug.cgi?id=53343 http://bugs.kde.org/show_bug.cgi?id=56808 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000668 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 http://marc.info/? •

CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0

Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. Múltiples vulnerabilidades en KDE 2 y KDE 3.x a 3.0.5 no ponen entre comillas ciertos parámetros que son insertados en comando de shell, lo que podría permitir a atacantes remotos ejecutar comandos arbitrarios mediante URLs, nombres de ficheros o direcciones de correo electrónico. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000569 http://marc.info/?l=bugtraq&m=104049734911544&w=2 http://marc.info/?l=bugtraq&m=104066520330397&w=2 http://secunia.com/advisories/8067 http://secunia.com/advisories/8103 http://www.debian.org/security/2003/dsa-234 http://www.debian.org/security/2003/dsa-235 http://www.debian.org/security/2003/dsa-236 http://www.debian.org/security/2003/dsa-237 http://www.debian.org/security/2003/dsa-238 •

CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0

Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. Desbordamiento de búfer en resLISa en KDE 2.1 A 3.0.4 y LISa anteriores a 0.2.2 permite a usuarios locales obtener acceso a raw sockets mediante una variable de entorno LOGNAME larga. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html http://marc.info/?l=bugtraq&m=103704823501757&w=2 http://marc.info/?l=bugtraq&m=103712329102632&w=2 http://marc.info/?l=bugtraq&m=103728981029342&w=2 http://www.ciac.org/ciac/bulletins/n-020.shtml http://www.debian.org/security/2002/dsa-193 http://www.idefense.com/advisory/11.11.02.txt http://www.iss.net/security_center/static/10592.php http://www.mandriva.com/security/advisories?name=MDKSA&# •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. Desbordamiento de búfer en el procesador (parser) DSC 3.0 de GSView usado en KGhostView en KDE 1.1 y KDE 3.0.3a, puede permitir a atacantes causar una denegación de servicio o ejecutar código arbitrario mediante un fichero de entrada PostScript (.ps) modificado. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1 http://www.ciac.org/ciac/bulletins/n-155.shtml http://www.iss.net/security_center/static/11319.php http://www.kde.org/info/security/advisory-20021008-1.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071 http://www.redhat.com/support/errata/RHSA-2002-220.html •