Search Results | AttackerKB

3 Total Results

Displaying 1-3 of 3

Attacker Value

Unknown

CVE-2011-1586

Disclosure Date: April 27, 2011 (last updated November 08, 2023)

Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000.

Attacker Value

Unknown

CVE-2011-1168

Disclosure Date: April 18, 2011 (last updated October 04, 2023)

Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.

Attacker Value

Unknown

CVE-2010-2575

Disclosure Date: August 30, 2010 (last updated October 04, 2023)

Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file.

3 Total Results

Displaying 1-3 of 3

Unknown

CVE-2011-1586

Unknown

CVE-2011-1168

Unknown

CVE-2010-2575

Quick Cookie Notification