6 results (0.007 seconds)

CVSS: 5.0EPSS: 2%CPEs: 77EXPL: 2

rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part." rendering/render_replaced.cpp en Konqueror en KDE antes de v4.9.3 permite a atacantes remotos provocar una denegación de servicio (desreferencia puntero NULL) a través de una página web modificada, relacionado con "tratar de volver a utilizar un marco con una parte nula". Konqueror version 4.7.3 suffers from a number of memory corruption vulnerabilities. • https://www.exploit-db.com/exploits/22406 http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=65464349951e0df9b5d80c2eb3cc7458d54923ae http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc http://www.openwall.com/lists/oss-security/2012/10/11/11 http://www.openwall.com/lists/oss-security/2012/10/30/6 https://bugs.kde.org/show_bug.cgi?id=271528 •

CVSS: 5.0EPSS: 0%CPEs: 27EXPL: 0

langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files. • http://secunia.com/advisories/16428 http://securitytracker.com/id?1014675 http://www.debian.org/security/2005/dsa-818 http://www.kde.org/info/security/advisory-20050815-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2005:159 http://www.securityfocus.com/bid/14561 •

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 0

KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000934 http://www.debian.org/security/2005/dsa-692 http://www.idefense.com/application/poi/display?id=208&type=vulnerabilities http://www.kde.org/info/security/advisory-20050228-1.txt http://www.redhat.com/support/errata/RHSA-2005-175.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9596 https://access.redhat.com/security/cve/CVE-2005-0205 https://bugzilla.redhat.com/show_bug.cgi •

CVSS: 7.5EPSS: 0%CPEs: 146EXPL: 0

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podría dejar a los usuarios de Xpdf expuestos a las vulnerabilidades originales. • http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 http://www.mandriva.com/security/advisories?name=MDKSA-2005:042 http://www.mandriva.com/security/advisories?name=MDKSA-2005:043 http://www.mandriva.com/security/advisories?name=MDKSA-2005:044 http://www.mandriva.com/security/advisories? •

CVSS: 7.5EPSS: 2%CPEs: 27EXPL: 0

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. Konqueror en KDE 3.2.3 Y anteriores pemiten a sitios web establecer cookies para dominios de nivel superior específicos de países, como ltd.uk o com.es, lo que podría permitir a atacantes remotos realizar un ataque de fijación de sesión y secuestrar una sesión HTTP de un usuario. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 http://marc.info/?l=bugtraq&m=109327681304401&w=2 http://secunia.com/advisories/12341 http://www.kde.org/info/security/advisory-20040823-1.txt http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:086 http://www.securityfocus.com/bid/10991 https://exchange.xforce.ibmcloud.com/vulnerabilities/17063 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11281 https://access& •