Vulnerabilities > KDE > KDE > 3.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-11-29 | CVE-2002-1281 | Unspecified vulnerability in KDE Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL. | 7.5 |
2002-11-29 | CVE-2002-1247 | Local Buffer Overflow vulnerability in KDE Network RESLISA LOGNAME Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. | 7.2 |
2002-10-11 | CVE-2002-1152 | Unspecified vulnerability in KDE 3.0/3.0.1/3.0.2 Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing. | 7.5 |
2002-10-11 | CVE-2002-1151 | Unspecified vulnerability in KDE and Konqueror The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains. | 7.5 |
2002-09-24 | CVE-2002-0970 | Unspecified vulnerability in KDE and Konqueror The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | 7.5 |