CVE-2005-0404 – KDE KMail 1.7.1 - HTML EMail Remote Email Content Spoofing
https://notcve.org/view.php?id=CVE-2005-0404
KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
https://www.exploit-db.com/exploits/25375
http://bugs.kde.org/show_bug.cgi?id=96020
http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html
http://secunia.com/advisories/14925
http://www.securiteam.com/unixfocus/5GP0B0AFFE.html
CVE-2005-1046
https://notcve.org/view.php?id=CVE-2005-1046
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.
http://bugs.kde.org/show_bug.cgi?id=102328
http://secunia.com/advisories/14908
http://secunia.com/advisories/28114
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1
http://www.debian.org/security/2005/dsa-714
http://www.kde.org/info/security/advisory-20050421-1.txt
http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html
http://www.redhat.com/support/errata/RHSA-2005-393
CVE-2005-0396
https://notcve.org/view.php?id=CVE-2005-0396
Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."
http://marc.info/?l=bugtraq&m=111099766716483&w=2
http://security.gentoo.org/glsa/glsa-200503-22.xml
http://www.kde.org/info/security/advisory-20050316-1.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2005:058
http://www.redhat.com/support/errata/RHSA-2005-307.html
http://www.redhat.com/support/errata/RHSA-2005-325.html
http://www.securityfocus.com/archive/1/427976/100/0/threaded
http://www.securityfocus.com/bid/12820
https://oval.cisecurity.org/repositor
CVE-2005-0205
https://notcve.org/view.php?id=CVE-2005-0205
KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp.
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000934
http://www.debian.org/security/2005/dsa-692
http://www.idefense.com/application/poi/display?id=208&type=vulnerabilities
http://www.kde.org/info/security/advisory-20050228-1.txt
http://www.redhat.com/support/errata/RHSA-2005-175.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9596
https://access.redhat.com/security/cve/CVE-2005-0205
https://bugzilla.redhat.com/show_bug.cgi
CVE-2005-0011
https://notcve.org/view.php?id=CVE-2005-0011
Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows.
http://secunia.com/advisories/14306
http://www.gentoo.org/security/en/glsa/glsa-200502-23.xml
http://www.kde.org/info/security/advisory-20050215-1.txt
http://www.redhat.com/archives/fedora-announce-list/2005-February/msg00044.html