[email protected]CVE-2003-0988

HistoryFeb 17, 2004 - 5:00 a.m.

CVE-2003-0988

2004-02-1705:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0988

buffer overflow

kde

kdepim

arbitrary code execution

nvd

vcf file

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.028 Low

EPSS

Percentile

90.5%

JSON

Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.

CPENameOperatorVersion
kde:kdekdeeq3.1.0
kde:kdekdeeq3.1.2
kde:kdekdeeq3.1.3
kde:kdekdeeq3.1.1

CPE	Name	Operator	Version
kde:kde	kde	eq	3.1.0
kde:kde	kde	eq	3.1.2
kde:kde	kde	eq	3.1.3
kde:kde	kde	eq	3.1.1

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000810

marc.info/?l=bugtraq&m=107412130407906&w=2

security.gentoo.org/glsa/glsa-200404-02.xml

www.kb.cert.org/vuls/id/820798

www.kde.org/info/security/advisory-20040114-1.txt

www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003

www.redhat.com/support/errata/RHSA-2004-005.html

www.redhat.com/support/errata/RHSA-2004-006.html

www.securityfocus.com/bid/9419

exchange.xforce.ibmcloud.com/vulnerabilities/14833

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A858

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A865

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.028 Low

EPSS

Percentile

90.5%

JSON

Related for CVE-2003-0988

securityvulns1 openvas6 redhat1 freebsd1 nessus6 gentoo1 cert1 slackware1 debiancve1