CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 1CVE-2015-7543
https://notcve.org/view.php?id=CVE-2015-7543
aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory. aRts versión 1.5.10 y kdelibs3 versión 3.5.10 y anteriores, no crean apropiadamente los directorios temporales, lo que permite a los usuarios locales secuestrar la IPC mediante la creación previa del directorio temporal. • https://bugzilla.redhat.com/show_bug.cgi?id=1280543 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2017-8422 – KDE 4/5 - 'KAuth' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-8422
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. KDelibs de KDE antes de 4.14.32 y KAuth antes de 5.34 permiten que los usuarios locales obtengan privilegios de root por spoofing de un callerID y aprovechando una aplicación de ayuda privilegiada. A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application. KDE versions 4 and 5 suffer from a KAuth privilege escalation vulnerability. • https://www.exploit-db.com/exploits/42053 http://www.debian.org/security/2017/dsa-3849 http://www.openwall.com/lists/oss-security/2017/05/10/3 http://www.securityfocus.com/bid/98412 http://www.securitytracker.com/id/1038480 https://access.redhat.com/errata/RHSA-2017:1264 https://bugzilla.redhat.com/show_bug.cgi?id=1449647 https://cgit.kde.org/kauth.git/commit/?id=df875f725293af53399f5146362eb158b4f9216a https://cgit.kde.org/kdelibs.git/commit/?id=264e97625abe2e0334f97de17f6ffb52582888a • CWE-290: Authentication Bypass by Spoofing •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6410
https://notcve.org/view.php?id=CVE-2017-6410
kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file. kpac/script.cpp en KDE kio en versiones anteriores a 5.32 y kdelibs en versiones anteriores a 4.14.30 llama a la función PAC FindProxyForURL con una URL https completa (incluyendo potencialmente credenciales de autenticación básicas, una cadena de consulta o PATH_INFO), lo que permite a atacantes remotos obtener información sensible a través de un archivo PAC manipulado. • http://www.debian.org/security/2017/dsa-3849 http://www.securityfocus.com/bid/96515 https://www.kde.org/info/security/advisory-20170228-1.txt • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.9EPSS: 0%CPEs: 38EXPL: 1CVE-2014-5033 – polkit-qt: insecure calling of polkit
https://notcve.org/view.php?id=CVE-2014-5033
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions." KDE kdelibs anterior a 4.14 y kauth anterior a 5.1 no utilizan debidamente D-Bus para la comunicación con una autoridad polkit, lo que permite a usuarios locales evadir las restricciones de acceso mediante el aprovechamiento de una condición de carrera PolkitUnixProcess PolkitSubject a través de un proceso (1) setuid o (2) pkexec, relacionado con el CVE-2013-4288 y 'condiciones de carrera de reuso PID.' It was found that polkit-qt handled authorization requests with PolicyKit via a D-Bus API that is vulnerable to a race condition. A local user could use this flaw to bypass intended PolicyKit authorizations. • http://lists.opensuse.org/opensuse-updates/2014-08/msg00012.html http://quickgit.kde.org/?p=kauth.git&a=commit&h=341b7d84b6d9c03cf56905cb277b47e11c81482a http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=e4e7b53b71e2659adaf52691d4accc3594203b23 http://rhn.redhat.com/errata/RHSA-2014-1359.html http://secunia.com/advisories/60385 http://secunia.com/advisories/60633 http://secunia.com/advisories/60654 http://www.debian.org/security/2014/dsa-3004 http://www.kde.org/info/security/advisory-201407 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2013-2074
https://notcve.org/view.php?id=CVE-2013-2074
kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message. kioslave/http/http.cpp en KIO en kdelibs 4.10.3 y anteriores permite a atacantes remotos descubrir credenciales a través de una solicitud manipulada que provoca un "internal server error," el cual incluye el nombre de usuario y contraseña en un mensaje de error. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707776 http://ubuntu.com/usn/usn-1842-1 http://www.openwall.com/lists/oss-security/2013/05/10/4 http://www.openwall.com/lists/oss-security/2013/05/11/2 http://www.osvdb.org/93244 http://xorl.wordpress.com/2013/05/22/cve-2013-2074-kde-kdelibs-password-exposure https://bugs.kde.org/show_bug.cgi?id=319428 https://bugzilla.redhat.com/show_bug.cgi?id=961981 https://projects.kde.org/projects/kde/kdelibs/r • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •