Page 26 of 196 results (0.010 seconds)

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 3

KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email. • https://www.exploit-db.com/exploits/25375 http://bugs.kde.org/show_bug.cgi?id=96020 http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html http://secunia.com/advisories/14925 http://www.securiteam.com/unixfocus/5GP0B0AFFE.html •

CVSS: 7.5EPSS: 13%CPEs: 1EXPL: 0

Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file. • http://bugs.kde.org/show_bug.cgi?id=102328 http://secunia.com/advisories/14908 http://secunia.com/advisories/28114 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1 http://www.debian.org/security/2005/dsa-714 http://www.kde.org/info/security/advisory-20050421-1.txt http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html http://www.redhat.com/support/errata/RHSA-2005-393 •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process." • http://marc.info/?l=bugtraq&m=111099766716483&w=2 http://security.gentoo.org/glsa/glsa-200503-22.xml http://www.kde.org/info/security/advisory-20050316-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2005:058 http://www.redhat.com/support/errata/RHSA-2005-307.html http://www.redhat.com/support/errata/RHSA-2005-325.html http://www.securityfocus.com/archive/1/427976/100/0/threaded http://www.securityfocus.com/bid/12820 https://oval.cisecurity.org/repositor •

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 0

KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000934 http://www.debian.org/security/2005/dsa-692 http://www.idefense.com/application/poi/display?id=208&type=vulnerabilities http://www.kde.org/info/security/advisory-20050228-1.txt http://www.redhat.com/support/errata/RHSA-2005-175.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9596 https://access.redhat.com/security/cve/CVE-2005-0205 https://bugzilla.redhat.com/show_bug.cgi •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows. • http://secunia.com/advisories/14306 http://www.gentoo.org/security/en/glsa/glsa-200502-23.xml http://www.kde.org/info/security/advisory-20050215-1.txt http://www.redhat.com/archives/fedora-announce-list/2005-February/msg00044.html •