Lucene search

[email protected]CVE-2003-0256

HistoryMay 27, 2003 - 4:00 a.m.

CVE-2003-0256

2003-05-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0256

gnupg plugin

kopete

remote attackers

arbitrary commands

nvd

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%

JSON

The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands.

CPENameOperatorVersion
kde:kopetekde kopeteeq0.6.1

CPE	Name	Operator	Version
kde:kopete	kde kopete	eq	0.6.1

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000665

kopete.kde.org/index.php?page=newsstory&news=Kopete_releases_version_0.6.2

www.mandriva.com/security/advisories?name=MDKSA-2003:055

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%

JSON

Related for CVE-2003-0256

securityvulns1 nessus1