Vulnerabilities > KDE > KDE
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-10-28 | CVE-2002-1223 | Denial-Of-Service vulnerability in KDE 1.1/3.0.3A Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. | 7.5 |
2002-10-11 | CVE-2002-1152 | Unspecified vulnerability in KDE 3.0/3.0.1/3.0.2 Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing. | 7.5 |
2002-10-11 | CVE-2002-1151 | Unspecified vulnerability in KDE and Konqueror The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains. | 7.5 |
2002-09-24 | CVE-2002-0970 | Unspecified vulnerability in KDE and Konqueror The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | 7.5 |
2002-05-16 | CVE-2002-0227 | Denial of Service vulnerability in kicq 2.0.0b1 Invalid ICQ Packet KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message. | 5.0 |
2001-08-02 | CVE-2001-0610 | Local Security vulnerability in Linux kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | 4.6 |
2000-05-31 | CVE-2000-0530 | The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. | 7.2 |
2000-05-27 | CVE-2000-0460 | Unspecified vulnerability in KDE Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | 7.2 |
2000-05-16 | CVE-2000-0393 | Unspecified vulnerability in KDE The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | 7.2 |
1999-03-01 | CVE-2000-0371 | Unspecified vulnerability in KDE 1.1/1.1.1 The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | 1.2 |