CVSS: 5.3EPSS: 3%CPEs: 2EXPL: 3CVE-2005-0404 – KDE KMail 1.7.1 - HTML EMail Remote Email Content Spoofing
https://notcve.org/view.php?id=CVE-2005-0404
13 Apr 2005 — KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email. • https://www.exploit-db.com/exploits/25375 •
CVSS: 10.0EPSS: 4%CPEs: 3EXPL: 0CVE-2005-0011
https://notcve.org/view.php?id=CVE-2005-0011
16 Feb 2005 — Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows. • http://secunia.com/advisories/14306 •
CVSS: 9.3EPSS: 7%CPEs: 4EXPL: 0CVE-2004-1125
https://notcve.org/view.php?id=CVE-2004-1125
22 Dec 2004 — Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2004-1171
https://notcve.org/view.php?id=CVE-2004-1171
10 Dec 2004 — KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares. • http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html •