FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
29dd0065-81fa-11d9-a9e7-0001020eed82	kdelibs -- insecure temporary file creation Davide Madrisan reports: The `dcopidlng' script in the KDE library package (kdelibs-3.3.2/dcop/dcopidlng/dcopidlng) creates temporary files in a unsecure manner. Note: dcopidlng is only used at build time, so only users installing KDE are vulnerable, not users already running KDE. Discovery 2005-01-21 Entry 2005-02-18 Modified 2005-02-20 kdelibs ja-kdelibs < 3.3.2_5 CVE-2005-0365 http://bugs.kde.org/show_bug.cgi?id=97608 http://marc.theaimsgroup.com/?l=bugtraq&m=110814653804757
832e9d75-5bfc-11d9-a9e7-0001020eed82	kdelibs3 -- konqueror FTP command injection vulnerability Albert Puigsech Galicia reports that Konqueror (more specifically kio_ftp) and Microsoft Internet Explorer are vulnerable to a FTP command injection vulnerability which can be exploited by tricking an user into clicking a specially crafted FTP URI. It is also reported by Ian Gulliver and Emanuele Balla that this vulnerability can be used to tricking a client into sending out emails without user interaction. Discovery 2004-12-01 Entry 2005-01-01 Modified 2005-01-04 ja-kdelibs kdelibs < 3.3.2_2 11827 CVE-2004-1165 http://marc.theaimsgroup.com/?l=bugtraq&m=110245752232681 http://marc.theaimsgroup.com/?l=full-disclosure&m=110387390226693 http://marc.theaimsgroup.com/?l=full-disclosure&m=110390734925183 http://www.kde.org/info/security/advisory-20050101-1.txt
972697a7-9a42-11d9-a256-0001020eed82	kdelibs -- local DCOP denial of service vulnerability A KDE Security Advisory reports: Sebastian Krahmer of the SUSE LINUX Security Team reported a local denial of service vulnerability in KDE's Desktop Communication Protocol (DCOP) daemon better known as dcopserver. A local user can lock up the dcopserver of arbitrary other users on the same machine. This can cause a significant reduction in desktop functionality for the affected users including, but not limited to, the inability to browse the internet and the inability to start new applications. Discovery 2005-03-16 Entry 2005-03-21 ja-kdelibs kdelibs-nocups kdelibs < 3.4.0 CVE-2005-0396 http://www.kde.org/info/security/advisory-20050316-1.txt

VuXML ID

Description

29dd0065-81fa-11d9-a9e7-0001020eed82

kdelibs -- insecure temporary file creation

Davide Madrisan reports:

The `dcopidlng' script in the KDE library package (kdelibs-3.3.2/dcop/dcopidlng/dcopidlng) creates temporary files in a unsecure manner.

Note: dcopidlng is only used at build time, so only users installing KDE are vulnerable, not users already running KDE.

Discovery 2005-01-21
Entry 2005-02-18
Modified 2005-02-20
kdelibs
ja-kdelibs

< 3.3.2_5

CVE-2005-0365
http://bugs.kde.org/show_bug.cgi?id=97608
http://marc.theaimsgroup.com/?l=bugtraq&m=110814653804757

832e9d75-5bfc-11d9-a9e7-0001020eed82

kdelibs3 -- konqueror FTP command injection vulnerability

Albert Puigsech Galicia reports that Konqueror (more specifically kio_ftp) and Microsoft Internet Explorer are vulnerable to a FTP command injection vulnerability which can be exploited by tricking an user into clicking a specially crafted FTP URI.

It is also reported by Ian Gulliver and Emanuele Balla that this vulnerability can be used to tricking a client into sending out emails without user interaction.

Discovery 2004-12-01
Entry 2005-01-01
Modified 2005-01-04
ja-kdelibs
kdelibs

< 3.3.2_2

11827
CVE-2004-1165
http://marc.theaimsgroup.com/?l=bugtraq&m=110245752232681
http://marc.theaimsgroup.com/?l=full-disclosure&m=110387390226693
http://marc.theaimsgroup.com/?l=full-disclosure&m=110390734925183
http://www.kde.org/info/security/advisory-20050101-1.txt

972697a7-9a42-11d9-a256-0001020eed82

kdelibs -- local DCOP denial of service vulnerability

A KDE Security Advisory reports:

Sebastian Krahmer of the SUSE LINUX Security Team reported a local denial of service vulnerability in KDE's Desktop Communication Protocol (DCOP) daemon better known as dcopserver.

A local user can lock up the dcopserver of arbitrary other users on the same machine. This can cause a significant reduction in desktop functionality for the affected users including, but not limited to, the inability to browse the internet and the inability to start new applications.

Discovery 2005-03-16
Entry 2005-03-21
ja-kdelibs
kdelibs-nocups
kdelibs

< 3.4.0

CVE-2005-0396
http://www.kde.org/info/security/advisory-20050316-1.txt