CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2000-0393 – KDE 1.1/1.1.1/1.2/2.0 kscd - SHELL Environmental Variable
https://notcve.org/view.php?id=CVE-2000-0393
16 May 2000 — The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. • https://www.exploit-db.com/exploits/19915 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2000-0371
https://notcve.org/view.php?id=CVE-2000-0371
01 Mar 1999 — The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. La librería libmediatool usada para el mediatool de KDE permite a usuarios locales crear ficheros arbitrarios mediante un ataque de enlaces simbólicos (symlink attack) • ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-005.0.txt •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-1999-0781
https://notcve.org/view.php?id=CVE-1999-0781
18 Nov 1998 — KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. • http://marc.info/?l=bugtraq&m=91141486301691&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1107
https://notcve.org/view.php?id=CVE-1999-1107
18 Nov 1998 — Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable. • http://marc.info/?l=bugtraq&m=91141486301691&w=2 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-1999-0780
https://notcve.org/view.php?id=CVE-1999-0780
18 Nov 1998 — KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. • http://marc.info/?l=bugtraq&m=91141486301691&w=2 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-1999-0782
https://notcve.org/view.php?id=CVE-1999-0782
18 Nov 1998 — KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. • http://marc.info/?l=bugtraq&m=91141486301691&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1270
https://notcve.org/view.php?id=CVE-1999-1270
11 Jul 1998 — KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps. • http://lists.kde.org/?l=kde-devel&m=90221974029738&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1096
https://notcve.org/view.php?id=CVE-1999-1096
16 May 1998 — Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. • http://marc.info/?l=bugtraq&m=90221101925954&w=2 •