CVSS: 7.5EPSS: 11%CPEs: 4EXPL: 2CVE-2002-1224 – KDE 3.0.x - KPF Icon Option File Disclosure
https://notcve.org/view.php?id=CVE-2002-1224
28 Oct 2002 — Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter. Vulnerablidad de atravesamiento de directorios en kpf de KDE 3.0.1 a 3.0.3a permite a atacantes remotos leer ficheros arbitrarios como el usuario de kpf. • https://www.exploit-db.com/exploits/21934 •
CVSS: 7.5EPSS: 2%CPEs: 10EXPL: 0CVE-2002-1151
https://notcve.org/view.php?id=CVE-2002-1151
11 Oct 2002 — The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains. La protección de ejecución de secuencias de comandos (scripts) en sitios cruzados en Konqueror 2.2.2 y 3.0 a 3.0.3 no inicializa adecuandamente los dominios en sub-marcos y sub-iframes (marcos incrustados), lo que puede permitir que atacantes r... • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2002-1152
https://notcve.org/view.php?id=CVE-2002-1152
11 Oct 2002 — Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing. Konqueror en KDE 3.0 a 3.0.2 no detecta adecuadamente la señal (flag) en una cookieHTTP, lo que podría causar que Konqueror mandase la cookie por un canal no cifrado, que podría ser vista por atacantes espiando (sniffing) la conexión. • http://marc.info/?l=bugtraq&m=103175827225044&w=2 •
CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 1CVE-2002-0970
https://notcve.org/view.php?id=CVE-2002-0970
24 Sep 2002 — The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. La capacidad SSL en Konqueror 3.0.2 y anteriores no verifica las restriccíones básicas de una certificad intermedio firmado por una AC (Autoridad Certificadora), lo que permite a atacantes remotos falsear los certificados de sitios de confianza mediante un ataque de h... • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-047.0.txt •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 1CVE-2002-0227 – kicq 2.0.0b1 - Invalid ICQ Packet Denial of Service
https://notcve.org/view.php?id=CVE-2002-0227
03 May 2002 — KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message. KICQ 2.0.0b1 permite a atacantes remotos causar una denegación de servicio (caída) mediante un mensaje malformado. • https://www.exploit-db.com/exploits/21262 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2001-0610 – SuSE 7.0 - KFM Insecure '.TMP' File Creation
https://notcve.org/view.php?id=CVE-2001-0610
27 Jul 2001 — kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. • https://www.exploit-db.com/exploits/20781 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 5CVE-2000-0530 – KDE 1.1.2 KApplication configfile - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2000-0530
31 May 2000 — The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. • https://www.exploit-db.com/exploits/19979 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2000-0460 – KDE 1.1/1.1.1/1.1.2/1.2 - kdesud DISPLAY Environment Variable Overflow
https://notcve.org/view.php?id=CVE-2000-0460
27 May 2000 — Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. • https://www.exploit-db.com/exploits/19970 •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2000-0393 – KDE 1.1/1.1.1/1.2/2.0 kscd - SHELL Environmental Variable
https://notcve.org/view.php?id=CVE-2000-0393
16 May 2000 — The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. • https://www.exploit-db.com/exploits/19915 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2000-0371
https://notcve.org/view.php?id=CVE-2000-0371
01 Mar 1999 — The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. La librería libmediatool usada para el mediatool de KDE permite a usuarios locales crear ficheros arbitrarios mediante un ataque de enlaces simbólicos (symlink attack) • ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-005.0.txt •