51 matches found
CVE-1999-0781
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables...
EUVD-2000-0905
Malware in sbrugna...
EUVD-2008-5669
Malware in sbrugna...
EUVD-2008-1671
Malware in sbrugna...
EUVD-2015-1449
Malware in sbrugna...
EUVD-2003-0365
Malware in sbrugna...
EUVD-2012-4443
Malware in sbrugna...
EUVD-2007-4551
Malware in sbrugna...
EUVD-2003-0199
Malware in sbrugna...
EUVD-2006-0027
Malware in sbrugna...
EUVD-2008-1672
Malware in sbrugna...
SUSE CVE-2008-1671
startkdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" probably command-line arguments that cause startkdeinit to send SIGUSR1 signals to other processes...
SUSE CVE-2009-1725
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit aka Qt toolkit; and possibly other products do not properly handle numeric character references, which allows remote attackers to...
KDE 1.1.2 KApplication configfile vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1291/info The KDE configuration-file management has a bug which could result in root compromise. Due to insecure creation of configuration rc files via KApplication-class, local users can modify ownership of arbitrary fil...
USN-608-1: KDE vulnerability
It was discovered that startkdeinit in KDE 3 did not properly sanitize its input. A local attacker could exploit this to send signals to other processes and cause a denial of service or possibly execute arbitrary code. CVE-2008-1671...
CVE-2004-1125
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted PD...
CVE-2004-1171
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are 1 manually entered by the user or 2 created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to...
Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:150)
Daniel Fabian discovered a potential privacy issue in KDE. When creating a link to a remote file from various applications, including Konqueror, the resulting URL may contain the authentication credentials used to access that remote resource. This includes, but is not limited to, browsing SMB Sam...
CVE-2004-1171
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are 1 manually entered by the user or 2 created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to...
Debian DSA-296-1 : kdebase - insecure execution
The KDE team discovered a vulnerability in the way KDE uses Ghostscript software for processing of PostScript PS and PDF files. An attacker could provide a malicious PostScript or PDF file via mail or websites that could lead to executing arbitrary commands under the privileges of the user viewin...