FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2e116ba5-f7c3-11d9-928e-000b5d7e6dd5	kdebase -- Kate backup file permission leak A KDE Security Advisory explains: Kate / Kwrite create a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. Depending on the system security settings, backup files might be readable by other users. Kate / Kwrite are network transparent applications and therefore this vulnerability might not be restricted to local users. Discovery 2005-07-18 Entry 2005-07-18 Modified 2005-10-09 kdebase ge 3.2.0 lt 3.4.1 linux_base-suse ge 9.3 lt 9.3_2 CVE-2005-1920 https://bugs.kde.org/show_bug.cgi?id=103331 http://www.kde.org/info/security/advisory-20050718-1.txt
837b9fb2-0595-11da-86bc-000e0c2e438a	zlib -- buffer overflow vulnerability Problem description A fixed-size buffer is used in the decompression of data streams. Due to erronous analysis performed when zlib was written, this buffer, which was belived to be sufficiently large to handle any possible input stream, is in fact too small. Impact A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges. Discovery 2005-07-27 Entry 2005-08-05 Modified 2005-09-24 linux_base-suse < 9.3_1 FreeBSD ge 5.4 lt 5.4_6 ge 5.3 lt 5.3_20 CVE-2005-1849 SA-05:18.zlib

VuXML ID

Description

2e116ba5-f7c3-11d9-928e-000b5d7e6dd5

kdebase -- Kate backup file permission leak

A KDE Security Advisory explains:

Kate / Kwrite create a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set.

Depending on the system security settings, backup files might be readable by other users. Kate / Kwrite are network transparent applications and therefore this vulnerability might not be restricted to local users.

Discovery 2005-07-18
Entry 2005-07-18
Modified 2005-10-09
kdebase

ge 3.2.0 lt 3.4.1

linux_base-suse

ge 9.3 lt 9.3_2

CVE-2005-1920
https://bugs.kde.org/show_bug.cgi?id=103331
http://www.kde.org/info/security/advisory-20050718-1.txt

837b9fb2-0595-11da-86bc-000e0c2e438a

zlib -- buffer overflow vulnerability

Problem description

A fixed-size buffer is used in the decompression of data streams. Due to erronous analysis performed when zlib was written, this buffer, which was belived to be sufficiently large to handle any possible input stream, is in fact too small.

Impact

A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges.

Discovery 2005-07-27
Entry 2005-08-05
Modified 2005-09-24
linux_base-suse

< 9.3_1

FreeBSD

ge 5.4 lt 5.4_6

ge 5.3 lt 5.3_20

CVE-2005-1849
SA-05:18.zlib