Searching KDE software vulnerabilities


Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.


Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument.


Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.


Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices.


Screen savers in KDE beta 3 allow local users to overwrite arbitrary files via a symlink attack on the .kss.pid file.


Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters.


kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.


KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.


Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long.


Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.


Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.


Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL.


Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.


KDE 2 and KDE 3.1.1 and earlier 3.x versions allow attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.


KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.


The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.


The (1) Kate and (2) Kwrite applications in KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.


kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files.


KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login.


ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.


Software vulnerabilities results 1 to 20 of 66