EUVD-2004-1169

Malware in sbrugna...

SUSE CVE-2005-0754

Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code...

CVE-2004-1171

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are 1 manually entered by the user or 2 created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to...

Mandrake Linux Security Advisory : kdepim (MDKSA-2004:003)

A vulnerability was discovered in all versions of kdepim as distributed with KDE versions 3.1.0 through 3.1.4. This vulnerability allows for a carefully crafted .VCF file to potentially enable a local attacker to compromise the privacy of a victim's data or execute arbitrary commands with the...

Mandrake Linux Security Advisory : kdelibs (MDKSA-2002:079)

Vulnerabilities were discovered in the KIO subsystem support for various network protocols. The implementation of the rlogin protocol affects all KDE versions from 2.1 up to 3.0.4, while the flawed implementation of the telnet protocol only affects KDE 2.x. They allow a carefully crafted URL in a...

CVE-2004-0411

The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a 1 telnet, 2 rlogin, 3 ssh, or 4 mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files...