VuXML ID | Description |
972697a7-9a42-11d9-a256-0001020eed82 | kdelibs -- local DCOP denial of service vulnerability
A KDE Security Advisory reports:
Sebastian Krahmer of the SUSE LINUX Security Team
reported a local denial of service vulnerability in KDE's
Desktop Communication Protocol (DCOP) daemon better known
as dcopserver.
A local user can lock up the dcopserver of arbitrary
other users on the same machine. This can cause a
significant reduction in desktop functionality for the
affected users including, but not limited to, the
inability to browse the internet and the inability to
start new applications.
Discovery: 2005-03-16
Entry: 2005-03-21
Affected packages: ja-kdelibs, kdelibs-nocups, kdelibs < 3.4.0
CVE-2005-0396
http://www.kde.org/info/security/advisory-20050316-1.txt
|
4472ab39-6c66-11e6-9ca5-50e549ebab6c | kdelibs -- directory traversal vulnerability
David Faure reports:
A maliciously crafted archive (.zip or .tar.bz2) with "../" in the
file paths could be offered for download via the KNewStuff
framework (e.g. on www.kde-look.org), and upon extraction would
install files anywhere in the user's home directory.
Discovery: 2016-07-24
Entry: 2016-08-27
Affected packages: kdelibs < 4.14.10_7
CVE-2016-6232
https://www.kde.org/info/security/advisory-20160724-1.txt
|
f714d8ab-028e-11e7-8042-50e549ebab6c | kio: Information Leak when accessing https when using a malicious PAC file
Albert Astals Cid reports:
Using a malicious PAC file, and then using exfiltration methods in the PAC
function FindProxyForURL() enables the attacker to expose full https URLs.
This is a security issue since https URLs may contain sensitive
information in the URL authentication part (user:password@host), and in the
path and the query (e.g. access tokens).
This attack can be carried out remotely (over the LAN) since proxy settings
allow "Detect Proxy Configuration Automatically".
This setting uses WPAD to retrieve the PAC file, and an attacker who has access
to the victim's LAN can interfere with the WPAD protocols (DHCP/DNS+HTTP)
and inject his/her own malicious PAC instead of the legitimate one.
Discovery: 2017-02-28
Entry: 2017-03-11
Affected packages: kdelibs < 4.14.29_10; kf5-kio < 5.31.0_1
https://www.kde.org/info/security/advisory-20170228-1.txt
|
0baee383-356c-11e7-b9a9-50e549ebab6c | kauth: Local privilege escalation
Albert Astals Cid reports:
KAuth contains a logic flaw in which the service invoking dbus
is not properly checked.
This allows spoofing the identity of the caller and with some
carefully crafted calls can lead to gaining root from an
unprivileged account.
Discovery: 2017-05-10
Entry: 2017-05-10
Affected packages: kdelibs < 4.14.30_4; kf5-kauth < 5.33.0_1
CVE-2017-8422
http://www.openwall.com/lists/oss-security/2017/05/10/3
https://www.kde.org/info/security/advisory-20170510-1.txt
|
06404241-b306-11d9-a788-0001020eed82 | kdelibs -- kimgio input validation errors
A KDE Security Advisory reports:
kimgio contains a PCX image file format reader that does
not properly perform input validation. A source code audit
performed by the KDE security team discovered several
vulnerabilities in the PCX and other image file format
readers, some of them exploitable to execute arbitrary
code.
Impact: Remotely supplied, specially
crafted image files can be used to execute arbitrary
code.
Discovery: 2005-04-21
Entry: 2005-04-22
Affected packages: kdelibs >= 3.2, < 3.4.0_2
CVE-2005-1046
http://bugs.kde.org/102328
http://www.kde.org/info/security/advisory-20050421-1.txt
|
14ad2a28-66d2-11dc-b25f-02e0185f8d72 | konqueror -- address bar spoofing
The KDE development team reports:
The Konqueror address bar is vulnerable to spoofing attacks
that are based on embedding white spaces in the url. In addition
the address bar could be tricked to show a URL which it is
intending to visit for a short amount of time instead of the
current URL.
Discovery: 2007-09-14
Entry: 2007-09-19
Affected packages: kdebase < 3.5.7_3; kdelibs < 3.5.7_2
CVE-2007-3820
CVE-2007-4224
CVE-2007-4225
http://www.kde.org/info/security/advisory-20070914-1.txt
|
2f90556f-18c6-11e4-9cc4-5453ed2e2b49 | kdelibs -- KAuth PID Reuse Flaw
Martin Sandsmark reports:
The KAuth framework uses polkit-1 API which tries to authenticate
using the requestor's PID. This is prone to PID reuse race
conditions.
This potentially allows a malicious application to pose as another
for authentication purposes when executing privileged actions.
Discovery: 2014-07-30
Entry: 2014-07-31
Affected packages: kdelibs < 4.12.5_3
CVE-2014-5033
http://lists.kde.org/?l=kde-announce&m=140674898412923&w=2
|
d8fbf13a-6215-11db-a59e-0211d85f11fb | kdelibs -- integer overflow in khtml
Red Hat reports:
An integer overflow flaw was found in the way Qt handled pixmap
images. The KDE khtml library uses Qt in such a way that untrusted
parameters could be passed to Qt, triggering the overflow.
An attacker could for example create a malicious web page that when
viewed by a victim in the Konqueror browser would cause Konqueror
to crash or possibly execute arbitrary code with the privileges of
the victim.
Discovery: 2006-10-14
Entry: 2006-10-22
Affected packages: kdelibs, kdelibs-nocups < 3.5.4_4; qt, qt-copy < 3.3.6_3
CVE-2006-4811
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742
http://rhn.redhat.com/errata/RHSA-2006-0720.html
|