7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.028 Low
EPSS
Percentile
89.5%
The K Desktop Environment (KDE) is a graphical desktop for the X Window
System. The KDE Personal Information Management (kdepim) suite helps you to
organize your mail, tasks, appointments, and contacts.
The KDE team found a buffer overflow in the file information reader of
VCF files. An attacker could construct a VCF file so that when it was
opened by a victim it would execute arbitrary commands. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0988 to this issue.
Users of kdepim are advised to upgrade to these erratum packages which
contain a backported security patch that corrects this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | kdepim-devel | < 3.1.3-3.3 | kdepim-devel-3.1.3-3.3.ia64.rpm |
RedHat | any | ia64 | kdepim | < 3.1.3-3.3 | kdepim-3.1.3-3.3.ia64.rpm |