Show filters
210 Total Results
Displaying 181-190 of 210
Sort by:
Attacker Value
Unknown

CVE-2002-1306

Disclosure Date: November 29, 2002 (last updated February 22, 2025)
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL.
0
Attacker Value
Unknown

CVE-2002-1282

Disclosure Date: November 29, 2002 (last updated February 22, 2025)
Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.
0
Attacker Value
Unknown

CVE-2002-1224

Disclosure Date: October 28, 2002 (last updated February 22, 2025)
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
0
Attacker Value
Unknown

CVE-2002-1223

Disclosure Date: October 28, 2002 (last updated February 22, 2025)
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.
0
Attacker Value
Unknown

CVE-2002-1151

Disclosure Date: October 11, 2002 (last updated February 22, 2025)
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains.
0
Attacker Value
Unknown

CVE-2002-1152

Disclosure Date: October 11, 2002 (last updated February 22, 2025)
Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing.
0
Attacker Value
Unknown

CVE-2002-0970

Disclosure Date: September 24, 2002 (last updated February 22, 2025)
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
0
Attacker Value
Unknown

CVE-2002-0342

Disclosure Date: June 25, 2002 (last updated February 22, 2025)
Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long.
0
Attacker Value
Unknown

CVE-2002-0227

Disclosure Date: May 16, 2002 (last updated February 22, 2025)
KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.
0
Attacker Value
Unknown

CVE-2001-1197

Disclosure Date: December 14, 2001 (last updated February 22, 2025)
klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file.
0