Search

Find a vulnerability

Search criteria

    20 vulnerabilities found for kde_sc by kde

    CVE-2011-2725 (GCVE-0-2011-2725)

    Vulnerability from nvd – Published: 2014-02-04 19:00 – Updated: 2024-08-06 23:08
    VLAI
    Summary
    Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-10-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:08:23.781Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "openSUSE-SU-2012:0322",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00002.html"
              },
              {
                "name": "20111007 Medium severity flaw with Ark",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2011/Oct/351"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725764"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.novell.com/show_bug.cgi?id=708268"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/105610/Ark-2.16-Directory-Traversal.html"
              },
              {
                "name": "USN-1276-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1276-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-02-04T18:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "openSUSE-SU-2012:0322",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00002.html"
            },
            {
              "name": "20111007 Medium severity flaw with Ark",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2011/Oct/351"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725764"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=708268"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/105610/Ark-2.16-Directory-Traversal.html"
            },
            {
              "name": "USN-1276-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1276-1"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-2725",
        "datePublished": "2014-02-04T19:00:00.000Z",
        "dateReserved": "2011-07-11T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:08:23.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4132 (GCVE-0-2013-4132)

    Vulnerability from nvd – Published: 2013-09-16 19:00 – Updated: 2024-08-06 16:30
    VLAI
    Summary
    KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.opensuse.org/opensuse-updates/2013-0… vendor-advisoryx_refsource_SUSE
    http://seclists.org/oss-sec/2013/q3/117 mailing-listx_refsource_MLIST
    http://lists.opensuse.org/opensuse-updates/2013-0… vendor-advisoryx_refsource_SUSE
    http://seclists.org/oss-sec/2013/q3/120 mailing-listx_refsource_MLIST
    https://git.reviewboard.kde.org/r/111261/ x_refsource_CONFIRM
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:50.058Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "openSUSE-SU-2013:1291",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00002.html"
              },
              {
                "name": "[oss-security] 20130716  Re: CVE Request -- kde-workspace 4.10.5 fixing two security flaws",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2013/q3/117"
              },
              {
                "name": "openSUSE-SU-2013:1253",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00082.html"
              },
              {
                "name": "[oss-security] 20130716  Re: CVE Request -- kde-workspace 4.10.5 fixing two security flaws",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2013/q3/120"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://git.reviewboard.kde.org/r/111261/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-09-16T19:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "openSUSE-SU-2013:1291",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00002.html"
            },
            {
              "name": "[oss-security] 20130716  Re: CVE Request -- kde-workspace 4.10.5 fixing two security flaws",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2013/q3/117"
            },
            {
              "name": "openSUSE-SU-2013:1253",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00082.html"
            },
            {
              "name": "[oss-security] 20130716  Re: CVE Request -- kde-workspace 4.10.5 fixing two security flaws",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2013/q3/120"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://git.reviewboard.kde.org/r/111261/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-4132",
        "datePublished": "2013-09-16T19:00:00.000Z",
        "dateReserved": "2013-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:30:50.058Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-3365 (GCVE-0-2011-3365)

    Vulnerability from nvd – Published: 2011-11-29 17:00 – Updated: 2024-08-06 23:29
    VLAI
    Summary
    The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-10-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:29:56.731Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=743054"
              },
              {
                "name": "RHSA-2011:1385",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2011-1385.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20111003-1.txt"
              },
              {
                "name": "MDVSA-2011:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:162"
              },
              {
                "name": "RHSA-2011:1364",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2011-1364.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-01-19T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=743054"
            },
            {
              "name": "RHSA-2011:1385",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1385.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20111003-1.txt"
            },
            {
              "name": "MDVSA-2011:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:162"
            },
            {
              "name": "RHSA-2011:1364",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1364.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-3365",
        "datePublished": "2011-11-29T17:00:00.000Z",
        "dateReserved": "2011-08-30T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:29:56.731Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1586 (GCVE-0-2011-1586)

    Vulnerability from nvd – Published: 2011-04-27 00:00 – Updated: 2024-08-06 22:28
    VLAI
    Summary
    Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-04-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:28:42.059Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://launchpad.net/bugs/757526"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468\u0026r2=1227467\u0026pathrev=1227468"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471\u0026r2=1227470\u0026pathrev=1227471"
              },
              {
                "name": "44124",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44124"
              },
              {
                "name": "[oss-security] 20110415 Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2011/04/15/9"
              },
              {
                "name": "ADV-2011-1135",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1135"
              },
              {
                "name": "RHSA-2011:0465",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2011-0465.html"
              },
              {
                "name": "ADV-2011-1019",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1019"
              },
              {
                "name": "44329",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44329"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469\u0026r2=1227468\u0026pathrev=1227469"
              },
              {
                "name": "ADV-2011-1021",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1021"
              },
              {
                "name": "MDVSA-2011:081",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:081"
              },
              {
                "name": "USN-1114-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-1114-1/"
              },
              {
                "name": "kget-name-directory-traversal(66826)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66826"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=697042"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-04-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://launchpad.net/bugs/757526"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468\u0026r2=1227467\u0026pathrev=1227468"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471\u0026r2=1227470\u0026pathrev=1227471"
            },
            {
              "name": "44124",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44124"
            },
            {
              "name": "[oss-security] 20110415 Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/04/15/9"
            },
            {
              "name": "ADV-2011-1135",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1135"
            },
            {
              "name": "RHSA-2011:0465",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0465.html"
            },
            {
              "name": "ADV-2011-1019",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1019"
            },
            {
              "name": "44329",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44329"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469\u0026r2=1227468\u0026pathrev=1227469"
            },
            {
              "name": "ADV-2011-1021",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1021"
            },
            {
              "name": "MDVSA-2011:081",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:081"
            },
            {
              "name": "USN-1114-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-1114-1/"
            },
            {
              "name": "kget-name-directory-traversal(66826)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66826"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=697042"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-1586",
        "datePublished": "2011-04-27T00:00:00.000Z",
        "dateReserved": "2011-04-05T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:28:42.059Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1168 (GCVE-0-2011-1168)

    Vulnerability from nvd – Published: 2011-04-18 18:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2011/0990 vdb-entryx_refsource_VUPEN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.securityfocus.com/archive/1/517433/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/44108 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/47304 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/517432/100… mailing-listx_refsource_BUGTRAQ
    http://www.ubuntu.com/usn/USN-1110-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2011/0928 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/44065 third-party-advisoryx_refsource_SECUNIA
    https://bugzilla.redhat.com/show_bug.cgi?id=695398 x_refsource_CONFIRM
    http://securityreason.com/securityalert/8208 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2011/0927 vdb-entryx_refsource_VUPEN
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://www.kde.org/info/security/advisory-2011041… x_refsource_CONFIRM
    http://www.nth-dimension.org.uk/pub/NDSA20110321.… x_refsource_MISC
    http://securitytracker.com/id?1025322 vdb-entryx_refsource_SECTRACK
    Date Public
    2011-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:27.829Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2011-0990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0990"
              },
              {
                "name": "MDVSA-2011:075",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:075"
              },
              {
                "name": "SUSE-SR:2011:009",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
              },
              {
                "name": "20110412 Re: [Full-disclosure] Medium severity flaw in Konqueror",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/517433/100/0/threaded"
              },
              {
                "name": "44108",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44108"
              },
              {
                "name": "47304",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47304"
              },
              {
                "name": "20110411 Medium severity flaw in Konqueror",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/517432/100/0/threaded"
              },
              {
                "name": "USN-1110-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1110-1"
              },
              {
                "name": "ADV-2011-0928",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0928"
              },
              {
                "name": "44065",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44065"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695398"
              },
              {
                "name": "8208",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8208"
              },
              {
                "name": "konqueror-khtmlparthtmlerror-xss(66697)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66697"
              },
              {
                "name": "ADV-2011-0927",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0927"
              },
              {
                "name": "SSA:2011-101-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.329727"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20110411-1.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nth-dimension.org.uk/pub/NDSA20110321.txt.asc"
              },
              {
                "name": "1025322",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1025322"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "ADV-2011-0990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0990"
            },
            {
              "name": "MDVSA-2011:075",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:075"
            },
            {
              "name": "SUSE-SR:2011:009",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
            },
            {
              "name": "20110412 Re: [Full-disclosure] Medium severity flaw in Konqueror",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/517433/100/0/threaded"
            },
            {
              "name": "44108",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44108"
            },
            {
              "name": "47304",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47304"
            },
            {
              "name": "20110411 Medium severity flaw in Konqueror",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/517432/100/0/threaded"
            },
            {
              "name": "USN-1110-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1110-1"
            },
            {
              "name": "ADV-2011-0928",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0928"
            },
            {
              "name": "44065",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44065"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695398"
            },
            {
              "name": "8208",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8208"
            },
            {
              "name": "konqueror-khtmlparthtmlerror-xss(66697)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66697"
            },
            {
              "name": "ADV-2011-0927",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0927"
            },
            {
              "name": "SSA:2011-101-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.329727"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20110411-1.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nth-dimension.org.uk/pub/NDSA20110321.txt.asc"
            },
            {
              "name": "1025322",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1025322"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-1168",
        "datePublished": "2011-04-18T18:00:00.000Z",
        "dateReserved": "2011-03-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:27.829Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-2575 (GCVE-0-2010-2575)

    Vulnerability from nvd – Published: 2010-08-30 20:00 – Updated: 2024-08-07 02:39
    VLAI
    Summary
    Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ubuntu.com/usn/USN-979-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2010/2178 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2010/2202 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2010/2219 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/41132 third-party-advisoryx_refsource_SECUNIA
    http://www.kde.org/info/security/advisory-2010082… x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/513341/100… mailing-listx_refsource_BUGTRAQ
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2010/2206 vdb-entryx_refsource_VUPEN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.osvdb.org/67454 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2010/2230 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/41086 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/2179 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/40952 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/secunia_research/2010-109/ x_refsource_MISC
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    https://bugzilla.redhat.com/show_bug.cgi?id=627289 x_refsource_CONFIRM
    Date Public
    2010-08-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:39:37.989Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-979-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-979-1"
              },
              {
                "name": "ADV-2010-2178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2178"
              },
              {
                "name": "ADV-2010-2202",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2202"
              },
              {
                "name": "ADV-2010-2219",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2219"
              },
              {
                "name": "41132",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/41132"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20100825-1.txt"
              },
              {
                "name": "20100825 Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/513341/100/0/threaded"
              },
              {
                "name": "FEDORA-2010-13661",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046542.html"
              },
              {
                "name": "SSA:2010-240-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.340142"
              },
              {
                "name": "FEDORA-2010-13629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046524.html"
              },
              {
                "name": "okularpdb-imagecpp-bo(61371)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61371"
              },
              {
                "name": "ADV-2010-2206",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2206"
              },
              {
                "name": "MDVSA-2010:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:162"
              },
              {
                "name": "67454",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/67454"
              },
              {
                "name": "ADV-2010-2230",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2230"
              },
              {
                "name": "41086",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/41086"
              },
              {
                "name": "ADV-2010-2179",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2179"
              },
              {
                "name": "40952",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40952"
              },
              {
                "name": "SUSE-SR:2010:018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2010-109/"
              },
              {
                "name": "FEDORA-2010-13589",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046448.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627289"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-08-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
            "shortName": "flexera"
          },
          "references": [
            {
              "name": "USN-979-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-979-1"
            },
            {
              "name": "ADV-2010-2178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2178"
            },
            {
              "name": "ADV-2010-2202",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2202"
            },
            {
              "name": "ADV-2010-2219",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2219"
            },
            {
              "name": "41132",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/41132"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20100825-1.txt"
            },
            {
              "name": "20100825 Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/513341/100/0/threaded"
            },
            {
              "name": "FEDORA-2010-13661",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046542.html"
            },
            {
              "name": "SSA:2010-240-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.340142"
            },
            {
              "name": "FEDORA-2010-13629",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046524.html"
            },
            {
              "name": "okularpdb-imagecpp-bo(61371)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61371"
            },
            {
              "name": "ADV-2010-2206",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2206"
            },
            {
              "name": "MDVSA-2010:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:162"
            },
            {
              "name": "67454",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/67454"
            },
            {
              "name": "ADV-2010-2230",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2230"
            },
            {
              "name": "41086",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/41086"
            },
            {
              "name": "ADV-2010-2179",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2179"
            },
            {
              "name": "40952",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40952"
            },
            {
              "name": "SUSE-SR:2010:018",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2010-109/"
            },
            {
              "name": "FEDORA-2010-13589",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046448.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627289"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
              "ID": "CVE-2010-2575",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-979-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-979-1"
                },
                {
                  "name": "ADV-2010-2178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2178"
                },
                {
                  "name": "ADV-2010-2202",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2202"
                },
                {
                  "name": "ADV-2010-2219",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2219"
                },
                {
                  "name": "41132",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/41132"
                },
                {
                  "name": "http://www.kde.org/info/security/advisory-20100825-1.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.kde.org/info/security/advisory-20100825-1.txt"
                },
                {
                  "name": "20100825 Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/513341/100/0/threaded"
                },
                {
                  "name": "FEDORA-2010-13661",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046542.html"
                },
                {
                  "name": "SSA:2010-240-03",
                  "refsource": "SLACKWARE",
                  "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.340142"
                },
                {
                  "name": "FEDORA-2010-13629",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046524.html"
                },
                {
                  "name": "okularpdb-imagecpp-bo(61371)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61371"
                },
                {
                  "name": "ADV-2010-2206",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2206"
                },
                {
                  "name": "MDVSA-2010:162",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:162"
                },
                {
                  "name": "67454",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/67454"
                },
                {
                  "name": "ADV-2010-2230",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2230"
                },
                {
                  "name": "41086",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/41086"
                },
                {
                  "name": "ADV-2010-2179",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2179"
                },
                {
                  "name": "40952",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40952"
                },
                {
                  "name": "SUSE-SR:2010:018",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
                },
                {
                  "name": "http://secunia.com/secunia_research/2010-109/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2010-109/"
                },
                {
                  "name": "FEDORA-2010-13589",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046448.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=627289",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627289"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "assignerShortName": "flexera",
        "cveId": "CVE-2010-2575",
        "datePublished": "2010-08-30T20:00:00.000Z",
        "dateReserved": "2010-07-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:39:37.989Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-1511 (GCVE-0-2010-1511)

    Vulnerability from nvd – Published: 2010-05-17 20:42 – Updated: 2024-08-07 01:28
    VLAI
    Summary
    KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/40141 vdb-entryx_refsource_BID
    http://www.ubuntu.com/usn/USN-938-1 vendor-advisoryx_refsource_UBUNTU
    http://www.securityfocus.com/archive/1/511279/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/511294/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2010/1144 vdb-entryx_refsource_VUPEN
    http://secunia.com/secunia_research/2010-70/ x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kde.org/info/security/advisory-2010051… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2010/3096 vdb-entryx_refsource_VUPEN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://marc.info/?l=oss-security&m=127378789518426&w=2 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/39528 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/1142 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1023984 vdb-entryx_refsource_SECTRACK
    http://osvdb.org/64689 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/39787 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-05-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T01:28:41.483Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "40141",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/40141"
              },
              {
                "name": "USN-938-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-938-1"
              },
              {
                "name": "20100513 Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/511279/100/0/threaded"
              },
              {
                "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
              },
              {
                "name": "ADV-2010-1144",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1144"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2010-70/"
              },
              {
                "name": "kde-metalink-file-overwrite(58629)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58629"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
              },
              {
                "name": "ADV-2010-3096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/3096"
              },
              {
                "name": "FEDORA-2010-18029",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
              },
              {
                "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
              },
              {
                "name": "39528",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39528"
              },
              {
                "name": "ADV-2010-1142",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1142"
              },
              {
                "name": "1023984",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023984"
              },
              {
                "name": "64689",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/64689"
              },
              {
                "name": "39787",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39787"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-05-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
            "shortName": "flexera"
          },
          "references": [
            {
              "name": "40141",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/40141"
            },
            {
              "name": "USN-938-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-938-1"
            },
            {
              "name": "20100513 Secunia Research: KDE KGet Insecure File Operation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/511279/100/0/threaded"
            },
            {
              "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
            },
            {
              "name": "ADV-2010-1144",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1144"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2010-70/"
            },
            {
              "name": "kde-metalink-file-overwrite(58629)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58629"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
            },
            {
              "name": "ADV-2010-3096",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/3096"
            },
            {
              "name": "FEDORA-2010-18029",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
            },
            {
              "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
            },
            {
              "name": "39528",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39528"
            },
            {
              "name": "ADV-2010-1142",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1142"
            },
            {
              "name": "1023984",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023984"
            },
            {
              "name": "64689",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/64689"
            },
            {
              "name": "39787",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39787"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
              "ID": "CVE-2010-1511",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "40141",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/40141"
                },
                {
                  "name": "USN-938-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-938-1"
                },
                {
                  "name": "20100513 Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/511279/100/0/threaded"
                },
                {
                  "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
                },
                {
                  "name": "ADV-2010-1144",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1144"
                },
                {
                  "name": "http://secunia.com/secunia_research/2010-70/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2010-70/"
                },
                {
                  "name": "kde-metalink-file-overwrite(58629)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58629"
                },
                {
                  "name": "http://www.kde.org/info/security/advisory-20100513-1.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
                },
                {
                  "name": "ADV-2010-3096",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/3096"
                },
                {
                  "name": "FEDORA-2010-18029",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
                },
                {
                  "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
                },
                {
                  "name": "39528",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/39528"
                },
                {
                  "name": "ADV-2010-1142",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1142"
                },
                {
                  "name": "1023984",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023984"
                },
                {
                  "name": "64689",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/64689"
                },
                {
                  "name": "39787",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/39787"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "assignerShortName": "flexera",
        "cveId": "CVE-2010-1511",
        "datePublished": "2010-05-17T20:42:00.000Z",
        "dateReserved": "2010-04-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T01:28:41.483Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-1000 (GCVE-0-2010-1000)

    Vulnerability from nvd – Published: 2010-05-17 20:42 – Updated: 2024-08-07 01:06
    VLAI
    Summary
    Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/40141 vdb-entryx_refsource_BID
    http://www.ubuntu.com/usn/USN-938-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2011/1101 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/42423 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/511294/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2010/1144 vdb-entryx_refsource_VUPEN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/secunia_research/2010-69/ x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/511281/100… mailing-listx_refsource_BUGTRAQ
    http://www.kde.org/info/security/advisory-2010051… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2010/3096 vdb-entryx_refsource_VUPEN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://marc.info/?l=oss-security&m=127378789518426&w=2 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/39528 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/1142 vdb-entryx_refsource_VUPEN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://securitytracker.com/id?1023984 vdb-entryx_refsource_SECTRACK
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://osvdb.org/64690 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/39787 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-05-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T01:06:52.535Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "40141",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/40141"
              },
              {
                "name": "USN-938-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-938-1"
              },
              {
                "name": "ADV-2011-1101",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1101"
              },
              {
                "name": "42423",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42423"
              },
              {
                "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
              },
              {
                "name": "ADV-2010-1144",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1144"
              },
              {
                "name": "MDVSA-2010:098",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:098"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2010-69/"
              },
              {
                "name": "kde-name-directory-traversal(58628)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58628"
              },
              {
                "name": "20100513 Secunia Research: KDE KGet metalink \"name\" Directory Traversal Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/511281/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
              },
              {
                "name": "ADV-2010-3096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/3096"
              },
              {
                "name": "FEDORA-2010-18029",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
              },
              {
                "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
              },
              {
                "name": "39528",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39528"
              },
              {
                "name": "ADV-2010-1142",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1142"
              },
              {
                "name": "FEDORA-2011-5211",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058580.html"
              },
              {
                "name": "1023984",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023984"
              },
              {
                "name": "SUSE-SR:2010:024",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
              },
              {
                "name": "64690",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/64690"
              },
              {
                "name": "39787",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39787"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-05-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
            "shortName": "flexera"
          },
          "references": [
            {
              "name": "40141",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/40141"
            },
            {
              "name": "USN-938-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-938-1"
            },
            {
              "name": "ADV-2011-1101",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1101"
            },
            {
              "name": "42423",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42423"
            },
            {
              "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
            },
            {
              "name": "ADV-2010-1144",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1144"
            },
            {
              "name": "MDVSA-2010:098",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:098"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2010-69/"
            },
            {
              "name": "kde-name-directory-traversal(58628)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58628"
            },
            {
              "name": "20100513 Secunia Research: KDE KGet metalink \"name\" Directory Traversal Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/511281/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
            },
            {
              "name": "ADV-2010-3096",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/3096"
            },
            {
              "name": "FEDORA-2010-18029",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
            },
            {
              "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
            },
            {
              "name": "39528",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39528"
            },
            {
              "name": "ADV-2010-1142",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1142"
            },
            {
              "name": "FEDORA-2011-5211",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058580.html"
            },
            {
              "name": "1023984",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023984"
            },
            {
              "name": "SUSE-SR:2010:024",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
            },
            {
              "name": "64690",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/64690"
            },
            {
              "name": "39787",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39787"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
              "ID": "CVE-2010-1000",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "40141",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/40141"
                },
                {
                  "name": "USN-938-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-938-1"
                },
                {
                  "name": "ADV-2011-1101",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/1101"
                },
                {
                  "name": "42423",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42423"
                },
                {
                  "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
                },
                {
                  "name": "ADV-2010-1144",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1144"
                },
                {
                  "name": "MDVSA-2010:098",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:098"
                },
                {
                  "name": "http://secunia.com/secunia_research/2010-69/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2010-69/"
                },
                {
                  "name": "kde-name-directory-traversal(58628)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58628"
                },
                {
                  "name": "20100513 Secunia Research: KDE KGet metalink \"name\" Directory Traversal Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/511281/100/0/threaded"
                },
                {
                  "name": "http://www.kde.org/info/security/advisory-20100513-1.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
                },
                {
                  "name": "ADV-2010-3096",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/3096"
                },
                {
                  "name": "FEDORA-2010-18029",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
                },
                {
                  "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
                },
                {
                  "name": "39528",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/39528"
                },
                {
                  "name": "ADV-2010-1142",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1142"
                },
                {
                  "name": "FEDORA-2011-5211",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058580.html"
                },
                {
                  "name": "1023984",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023984"
                },
                {
                  "name": "SUSE-SR:2010:024",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
                },
                {
                  "name": "64690",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/64690"
                },
                {
                  "name": "39787",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/39787"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "assignerShortName": "flexera",
        "cveId": "CVE-2010-1000",
        "datePublished": "2010-05-17T20:42:00.000Z",
        "dateReserved": "2010-03-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T01:06:52.535Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0436 (GCVE-0-2010-0436)

    Vulnerability from nvd – Published: 2010-04-15 17:00 – Updated: 2024-08-07 00:52
    VLAI
    Summary
    Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2010/dsa-2037 vendor-advisoryx_refsource_DEBIAN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/39481 third-party-advisoryx_refsource_SECUNIA
    http://rhn.redhat.com/errata/RHSA-2010-0348.html vendor-advisoryx_refsource_REDHAT
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    https://bugzilla.redhat.com/show_bug.cgi?id=570613 x_refsource_CONFIRM
    http://secunia.com/advisories/39419 third-party-advisoryx_refsource_SECUNIA
    ftp://ftp.kde.org/pub/kde/security_patches/kdebas… x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.kde.org/info/security/advisory-2010041… x_refsource_CONFIRM
    http://secunia.com/advisories/39506 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/0879 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/39467 vdb-entryx_refsource_BID
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    Date Public
    2010-04-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:52:17.347Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-2037",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2010/dsa-2037"
              },
              {
                "name": "kde-kdm-privilege-escalation(57823)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57823"
              },
              {
                "name": "39481",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39481"
              },
              {
                "name": "RHSA-2010:0348",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2010-0348.html"
              },
              {
                "name": "FEDORA-2010-6605",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039533.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=570613"
              },
              {
                "name": "39419",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39419"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.kde.org/pub/kde/security_patches/kdebase-workspace-4.3.5-CVE-2010-0436.diff"
              },
              {
                "name": "SUSE-SR:2010:009",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20100413-1.txt"
              },
              {
                "name": "39506",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39506"
              },
              {
                "name": "ADV-2010-0879",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0879"
              },
              {
                "name": "39467",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/39467"
              },
              {
                "name": "oval:org.mitre.oval:def:9999",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9999"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-04-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "DSA-2037",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2010/dsa-2037"
            },
            {
              "name": "kde-kdm-privilege-escalation(57823)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57823"
            },
            {
              "name": "39481",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39481"
            },
            {
              "name": "RHSA-2010:0348",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2010-0348.html"
            },
            {
              "name": "FEDORA-2010-6605",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039533.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=570613"
            },
            {
              "name": "39419",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39419"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.kde.org/pub/kde/security_patches/kdebase-workspace-4.3.5-CVE-2010-0436.diff"
            },
            {
              "name": "SUSE-SR:2010:009",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20100413-1.txt"
            },
            {
              "name": "39506",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39506"
            },
            {
              "name": "ADV-2010-0879",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0879"
            },
            {
              "name": "39467",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/39467"
            },
            {
              "name": "oval:org.mitre.oval:def:9999",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9999"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2010-0436",
        "datePublished": "2010-04-15T17:00:00.000Z",
        "dateReserved": "2010-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:52:17.347Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0923 (GCVE-0-2010-0923)

    Vulnerability from nvd – Published: 2010-03-03 19:00 – Updated: 2024-09-17 00:11
    VLAI
    Summary
    Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T01:06:52.502Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/?view=revision\u0026revision=1089241"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.kde.org/show_bug.cgi?id=226449"
              },
              {
                "name": "38600",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38600"
              },
              {
                "name": "[oss-security] 20100212 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=126600468622421\u0026w=2"
              },
              {
                "name": "[oss-security] 20100212 Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=126599909614401\u0026w=2"
              },
              {
                "name": "[oss-security] 20100217 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2010/02/17/3"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/?revision=1089213\u0026view=revision"
              },
              {
                "name": "[oss-security] 20100212 CVE Request: KDE screensaver unlock issue similar to GNOME one",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=126598163422670\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.novell.com/show_bug.cgi?id=579280"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20100217-1.txt"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/trunk/KDE/kdebase/workspace/krunner/lock/lockdlg.cc?r1=1089213\u0026r2=1089212\u0026pathrev=1089213"
              },
              {
                "name": "1023641",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023641"
              },
              {
                "name": "ADV-2010-0409",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0409"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.kde.org/show_bug.cgi?id=217882"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-03-03T19:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/?view=revision\u0026revision=1089241"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.kde.org/show_bug.cgi?id=226449"
            },
            {
              "name": "38600",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38600"
            },
            {
              "name": "[oss-security] 20100212 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=126600468622421\u0026w=2"
            },
            {
              "name": "[oss-security] 20100212 Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=126599909614401\u0026w=2"
            },
            {
              "name": "[oss-security] 20100217 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2010/02/17/3"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/?revision=1089213\u0026view=revision"
            },
            {
              "name": "[oss-security] 20100212 CVE Request: KDE screensaver unlock issue similar to GNOME one",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=126598163422670\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=579280"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20100217-1.txt"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/trunk/KDE/kdebase/workspace/krunner/lock/lockdlg.cc?r1=1089213\u0026r2=1089212\u0026pathrev=1089213"
            },
            {
              "name": "1023641",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023641"
            },
            {
              "name": "ADV-2010-0409",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0409"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.kde.org/show_bug.cgi?id=217882"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-0923",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://websvn.kde.org/?view=revision\u0026revision=1089241",
                  "refsource": "CONFIRM",
                  "url": "http://websvn.kde.org/?view=revision\u0026revision=1089241"
                },
                {
                  "name": "http://bugs.kde.org/show_bug.cgi?id=226449",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.kde.org/show_bug.cgi?id=226449"
                },
                {
                  "name": "38600",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38600"
                },
                {
                  "name": "[oss-security] 20100212 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=126600468622421\u0026w=2"
                },
                {
                  "name": "[oss-security] 20100212 Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=126599909614401\u0026w=2"
                },
                {
                  "name": "[oss-security] 20100217 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2010/02/17/3"
                },
                {
                  "name": "http://websvn.kde.org/?revision=1089213\u0026view=revision",
                  "refsource": "CONFIRM",
                  "url": "http://websvn.kde.org/?revision=1089213\u0026view=revision"
                },
                {
                  "name": "[oss-security] 20100212 CVE Request: KDE screensaver unlock issue similar to GNOME one",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=126598163422670\u0026w=2"
                },
                {
                  "name": "https://bugzilla.novell.com/show_bug.cgi?id=579280",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.novell.com/show_bug.cgi?id=579280"
                },
                {
                  "name": "http://www.kde.org/info/security/advisory-20100217-1.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.kde.org/info/security/advisory-20100217-1.txt"
                },
                {
                  "name": "http://websvn.kde.org/trunk/KDE/kdebase/workspace/krunner/lock/lockdlg.cc?r1=1089213\u0026r2=1089212\u0026pathrev=1089213",
                  "refsource": "CONFIRM",
                  "url": "http://websvn.kde.org/trunk/KDE/kdebase/workspace/krunner/lock/lockdlg.cc?r1=1089213\u0026r2=1089212\u0026pathrev=1089213"
                },
                {
                  "name": "1023641",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023641"
                },
                {
                  "name": "ADV-2010-0409",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0409"
                },
                {
                  "name": "https://bugs.kde.org/show_bug.cgi?id=217882",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.kde.org/show_bug.cgi?id=217882"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-0923",
        "datePublished": "2010-03-03T19:00:00.000Z",
        "dateReserved": "2010-03-03T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:11:48.522Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2725 (GCVE-0-2011-2725)

    Vulnerability from cvelistv5 – Published: 2014-02-04 19:00 – Updated: 2024-08-06 23:08
    VLAI
    Summary
    Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-10-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:08:23.781Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "openSUSE-SU-2012:0322",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00002.html"
              },
              {
                "name": "20111007 Medium severity flaw with Ark",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2011/Oct/351"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725764"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.novell.com/show_bug.cgi?id=708268"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/105610/Ark-2.16-Directory-Traversal.html"
              },
              {
                "name": "USN-1276-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1276-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-02-04T18:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "openSUSE-SU-2012:0322",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00002.html"
            },
            {
              "name": "20111007 Medium severity flaw with Ark",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2011/Oct/351"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725764"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=708268"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/105610/Ark-2.16-Directory-Traversal.html"
            },
            {
              "name": "USN-1276-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1276-1"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-2725",
        "datePublished": "2014-02-04T19:00:00.000Z",
        "dateReserved": "2011-07-11T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:08:23.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4132 (GCVE-0-2013-4132)

    Vulnerability from cvelistv5 – Published: 2013-09-16 19:00 – Updated: 2024-08-06 16:30
    VLAI
    Summary
    KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.opensuse.org/opensuse-updates/2013-0… vendor-advisoryx_refsource_SUSE
    http://seclists.org/oss-sec/2013/q3/117 mailing-listx_refsource_MLIST
    http://lists.opensuse.org/opensuse-updates/2013-0… vendor-advisoryx_refsource_SUSE
    http://seclists.org/oss-sec/2013/q3/120 mailing-listx_refsource_MLIST
    https://git.reviewboard.kde.org/r/111261/ x_refsource_CONFIRM
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:50.058Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "openSUSE-SU-2013:1291",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00002.html"
              },
              {
                "name": "[oss-security] 20130716  Re: CVE Request -- kde-workspace 4.10.5 fixing two security flaws",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2013/q3/117"
              },
              {
                "name": "openSUSE-SU-2013:1253",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00082.html"
              },
              {
                "name": "[oss-security] 20130716  Re: CVE Request -- kde-workspace 4.10.5 fixing two security flaws",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2013/q3/120"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://git.reviewboard.kde.org/r/111261/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-09-16T19:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "openSUSE-SU-2013:1291",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00002.html"
            },
            {
              "name": "[oss-security] 20130716  Re: CVE Request -- kde-workspace 4.10.5 fixing two security flaws",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2013/q3/117"
            },
            {
              "name": "openSUSE-SU-2013:1253",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00082.html"
            },
            {
              "name": "[oss-security] 20130716  Re: CVE Request -- kde-workspace 4.10.5 fixing two security flaws",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2013/q3/120"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://git.reviewboard.kde.org/r/111261/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-4132",
        "datePublished": "2013-09-16T19:00:00.000Z",
        "dateReserved": "2013-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:30:50.058Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-3365 (GCVE-0-2011-3365)

    Vulnerability from cvelistv5 – Published: 2011-11-29 17:00 – Updated: 2024-08-06 23:29
    VLAI
    Summary
    The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-10-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:29:56.731Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=743054"
              },
              {
                "name": "RHSA-2011:1385",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2011-1385.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20111003-1.txt"
              },
              {
                "name": "MDVSA-2011:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:162"
              },
              {
                "name": "RHSA-2011:1364",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2011-1364.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-01-19T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=743054"
            },
            {
              "name": "RHSA-2011:1385",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1385.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20111003-1.txt"
            },
            {
              "name": "MDVSA-2011:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:162"
            },
            {
              "name": "RHSA-2011:1364",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1364.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-3365",
        "datePublished": "2011-11-29T17:00:00.000Z",
        "dateReserved": "2011-08-30T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:29:56.731Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1586 (GCVE-0-2011-1586)

    Vulnerability from cvelistv5 – Published: 2011-04-27 00:00 – Updated: 2024-08-06 22:28
    VLAI
    Summary
    Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-04-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:28:42.059Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://launchpad.net/bugs/757526"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468\u0026r2=1227467\u0026pathrev=1227468"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471\u0026r2=1227470\u0026pathrev=1227471"
              },
              {
                "name": "44124",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44124"
              },
              {
                "name": "[oss-security] 20110415 Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2011/04/15/9"
              },
              {
                "name": "ADV-2011-1135",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1135"
              },
              {
                "name": "RHSA-2011:0465",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2011-0465.html"
              },
              {
                "name": "ADV-2011-1019",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1019"
              },
              {
                "name": "44329",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44329"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469\u0026r2=1227468\u0026pathrev=1227469"
              },
              {
                "name": "ADV-2011-1021",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1021"
              },
              {
                "name": "MDVSA-2011:081",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:081"
              },
              {
                "name": "USN-1114-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-1114-1/"
              },
              {
                "name": "kget-name-directory-traversal(66826)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66826"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=697042"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-04-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://launchpad.net/bugs/757526"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468\u0026r2=1227467\u0026pathrev=1227468"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471\u0026r2=1227470\u0026pathrev=1227471"
            },
            {
              "name": "44124",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44124"
            },
            {
              "name": "[oss-security] 20110415 Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/04/15/9"
            },
            {
              "name": "ADV-2011-1135",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1135"
            },
            {
              "name": "RHSA-2011:0465",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0465.html"
            },
            {
              "name": "ADV-2011-1019",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1019"
            },
            {
              "name": "44329",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44329"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469\u0026r2=1227468\u0026pathrev=1227469"
            },
            {
              "name": "ADV-2011-1021",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1021"
            },
            {
              "name": "MDVSA-2011:081",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:081"
            },
            {
              "name": "USN-1114-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-1114-1/"
            },
            {
              "name": "kget-name-directory-traversal(66826)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66826"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=697042"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-1586",
        "datePublished": "2011-04-27T00:00:00.000Z",
        "dateReserved": "2011-04-05T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:28:42.059Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1168 (GCVE-0-2011-1168)

    Vulnerability from cvelistv5 – Published: 2011-04-18 18:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2011/0990 vdb-entryx_refsource_VUPEN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.securityfocus.com/archive/1/517433/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/44108 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/47304 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/517432/100… mailing-listx_refsource_BUGTRAQ
    http://www.ubuntu.com/usn/USN-1110-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2011/0928 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/44065 third-party-advisoryx_refsource_SECUNIA
    https://bugzilla.redhat.com/show_bug.cgi?id=695398 x_refsource_CONFIRM
    http://securityreason.com/securityalert/8208 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2011/0927 vdb-entryx_refsource_VUPEN
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://www.kde.org/info/security/advisory-2011041… x_refsource_CONFIRM
    http://www.nth-dimension.org.uk/pub/NDSA20110321.… x_refsource_MISC
    http://securitytracker.com/id?1025322 vdb-entryx_refsource_SECTRACK
    Date Public
    2011-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:27.829Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2011-0990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0990"
              },
              {
                "name": "MDVSA-2011:075",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:075"
              },
              {
                "name": "SUSE-SR:2011:009",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
              },
              {
                "name": "20110412 Re: [Full-disclosure] Medium severity flaw in Konqueror",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/517433/100/0/threaded"
              },
              {
                "name": "44108",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44108"
              },
              {
                "name": "47304",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47304"
              },
              {
                "name": "20110411 Medium severity flaw in Konqueror",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/517432/100/0/threaded"
              },
              {
                "name": "USN-1110-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1110-1"
              },
              {
                "name": "ADV-2011-0928",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0928"
              },
              {
                "name": "44065",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44065"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695398"
              },
              {
                "name": "8208",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8208"
              },
              {
                "name": "konqueror-khtmlparthtmlerror-xss(66697)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66697"
              },
              {
                "name": "ADV-2011-0927",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0927"
              },
              {
                "name": "SSA:2011-101-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.329727"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20110411-1.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nth-dimension.org.uk/pub/NDSA20110321.txt.asc"
              },
              {
                "name": "1025322",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1025322"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "ADV-2011-0990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0990"
            },
            {
              "name": "MDVSA-2011:075",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:075"
            },
            {
              "name": "SUSE-SR:2011:009",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
            },
            {
              "name": "20110412 Re: [Full-disclosure] Medium severity flaw in Konqueror",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/517433/100/0/threaded"
            },
            {
              "name": "44108",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44108"
            },
            {
              "name": "47304",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47304"
            },
            {
              "name": "20110411 Medium severity flaw in Konqueror",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/517432/100/0/threaded"
            },
            {
              "name": "USN-1110-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1110-1"
            },
            {
              "name": "ADV-2011-0928",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0928"
            },
            {
              "name": "44065",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44065"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695398"
            },
            {
              "name": "8208",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8208"
            },
            {
              "name": "konqueror-khtmlparthtmlerror-xss(66697)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66697"
            },
            {
              "name": "ADV-2011-0927",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0927"
            },
            {
              "name": "SSA:2011-101-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.329727"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20110411-1.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nth-dimension.org.uk/pub/NDSA20110321.txt.asc"
            },
            {
              "name": "1025322",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1025322"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-1168",
        "datePublished": "2011-04-18T18:00:00.000Z",
        "dateReserved": "2011-03-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:27.829Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-2575 (GCVE-0-2010-2575)

    Vulnerability from cvelistv5 – Published: 2010-08-30 20:00 – Updated: 2024-08-07 02:39
    VLAI
    Summary
    Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ubuntu.com/usn/USN-979-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2010/2178 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2010/2202 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2010/2219 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/41132 third-party-advisoryx_refsource_SECUNIA
    http://www.kde.org/info/security/advisory-2010082… x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/513341/100… mailing-listx_refsource_BUGTRAQ
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2010/2206 vdb-entryx_refsource_VUPEN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.osvdb.org/67454 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2010/2230 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/41086 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/2179 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/40952 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/secunia_research/2010-109/ x_refsource_MISC
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    https://bugzilla.redhat.com/show_bug.cgi?id=627289 x_refsource_CONFIRM
    Date Public
    2010-08-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:39:37.989Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-979-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-979-1"
              },
              {
                "name": "ADV-2010-2178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2178"
              },
              {
                "name": "ADV-2010-2202",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2202"
              },
              {
                "name": "ADV-2010-2219",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2219"
              },
              {
                "name": "41132",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/41132"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20100825-1.txt"
              },
              {
                "name": "20100825 Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/513341/100/0/threaded"
              },
              {
                "name": "FEDORA-2010-13661",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046542.html"
              },
              {
                "name": "SSA:2010-240-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.340142"
              },
              {
                "name": "FEDORA-2010-13629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046524.html"
              },
              {
                "name": "okularpdb-imagecpp-bo(61371)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61371"
              },
              {
                "name": "ADV-2010-2206",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2206"
              },
              {
                "name": "MDVSA-2010:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:162"
              },
              {
                "name": "67454",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/67454"
              },
              {
                "name": "ADV-2010-2230",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2230"
              },
              {
                "name": "41086",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/41086"
              },
              {
                "name": "ADV-2010-2179",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2179"
              },
              {
                "name": "40952",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40952"
              },
              {
                "name": "SUSE-SR:2010:018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2010-109/"
              },
              {
                "name": "FEDORA-2010-13589",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046448.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627289"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-08-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
            "shortName": "flexera"
          },
          "references": [
            {
              "name": "USN-979-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-979-1"
            },
            {
              "name": "ADV-2010-2178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2178"
            },
            {
              "name": "ADV-2010-2202",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2202"
            },
            {
              "name": "ADV-2010-2219",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2219"
            },
            {
              "name": "41132",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/41132"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20100825-1.txt"
            },
            {
              "name": "20100825 Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/513341/100/0/threaded"
            },
            {
              "name": "FEDORA-2010-13661",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046542.html"
            },
            {
              "name": "SSA:2010-240-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.340142"
            },
            {
              "name": "FEDORA-2010-13629",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046524.html"
            },
            {
              "name": "okularpdb-imagecpp-bo(61371)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61371"
            },
            {
              "name": "ADV-2010-2206",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2206"
            },
            {
              "name": "MDVSA-2010:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:162"
            },
            {
              "name": "67454",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/67454"
            },
            {
              "name": "ADV-2010-2230",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2230"
            },
            {
              "name": "41086",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/41086"
            },
            {
              "name": "ADV-2010-2179",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2179"
            },
            {
              "name": "40952",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40952"
            },
            {
              "name": "SUSE-SR:2010:018",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2010-109/"
            },
            {
              "name": "FEDORA-2010-13589",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046448.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627289"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
              "ID": "CVE-2010-2575",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-979-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-979-1"
                },
                {
                  "name": "ADV-2010-2178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2178"
                },
                {
                  "name": "ADV-2010-2202",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2202"
                },
                {
                  "name": "ADV-2010-2219",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2219"
                },
                {
                  "name": "41132",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/41132"
                },
                {
                  "name": "http://www.kde.org/info/security/advisory-20100825-1.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.kde.org/info/security/advisory-20100825-1.txt"
                },
                {
                  "name": "20100825 Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/513341/100/0/threaded"
                },
                {
                  "name": "FEDORA-2010-13661",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046542.html"
                },
                {
                  "name": "SSA:2010-240-03",
                  "refsource": "SLACKWARE",
                  "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.340142"
                },
                {
                  "name": "FEDORA-2010-13629",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046524.html"
                },
                {
                  "name": "okularpdb-imagecpp-bo(61371)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61371"
                },
                {
                  "name": "ADV-2010-2206",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2206"
                },
                {
                  "name": "MDVSA-2010:162",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:162"
                },
                {
                  "name": "67454",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/67454"
                },
                {
                  "name": "ADV-2010-2230",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2230"
                },
                {
                  "name": "41086",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/41086"
                },
                {
                  "name": "ADV-2010-2179",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2179"
                },
                {
                  "name": "40952",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40952"
                },
                {
                  "name": "SUSE-SR:2010:018",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
                },
                {
                  "name": "http://secunia.com/secunia_research/2010-109/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2010-109/"
                },
                {
                  "name": "FEDORA-2010-13589",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046448.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=627289",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627289"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "assignerShortName": "flexera",
        "cveId": "CVE-2010-2575",
        "datePublished": "2010-08-30T20:00:00.000Z",
        "dateReserved": "2010-07-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:39:37.989Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-1511 (GCVE-0-2010-1511)

    Vulnerability from cvelistv5 – Published: 2010-05-17 20:42 – Updated: 2024-08-07 01:28
    VLAI
    Summary
    KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/40141 vdb-entryx_refsource_BID
    http://www.ubuntu.com/usn/USN-938-1 vendor-advisoryx_refsource_UBUNTU
    http://www.securityfocus.com/archive/1/511279/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/511294/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2010/1144 vdb-entryx_refsource_VUPEN
    http://secunia.com/secunia_research/2010-70/ x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kde.org/info/security/advisory-2010051… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2010/3096 vdb-entryx_refsource_VUPEN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://marc.info/?l=oss-security&m=127378789518426&w=2 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/39528 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/1142 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1023984 vdb-entryx_refsource_SECTRACK
    http://osvdb.org/64689 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/39787 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-05-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T01:28:41.483Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "40141",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/40141"
              },
              {
                "name": "USN-938-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-938-1"
              },
              {
                "name": "20100513 Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/511279/100/0/threaded"
              },
              {
                "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
              },
              {
                "name": "ADV-2010-1144",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1144"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2010-70/"
              },
              {
                "name": "kde-metalink-file-overwrite(58629)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58629"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
              },
              {
                "name": "ADV-2010-3096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/3096"
              },
              {
                "name": "FEDORA-2010-18029",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
              },
              {
                "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
              },
              {
                "name": "39528",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39528"
              },
              {
                "name": "ADV-2010-1142",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1142"
              },
              {
                "name": "1023984",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023984"
              },
              {
                "name": "64689",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/64689"
              },
              {
                "name": "39787",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39787"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-05-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
            "shortName": "flexera"
          },
          "references": [
            {
              "name": "40141",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/40141"
            },
            {
              "name": "USN-938-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-938-1"
            },
            {
              "name": "20100513 Secunia Research: KDE KGet Insecure File Operation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/511279/100/0/threaded"
            },
            {
              "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
            },
            {
              "name": "ADV-2010-1144",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1144"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2010-70/"
            },
            {
              "name": "kde-metalink-file-overwrite(58629)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58629"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
            },
            {
              "name": "ADV-2010-3096",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/3096"
            },
            {
              "name": "FEDORA-2010-18029",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
            },
            {
              "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
            },
            {
              "name": "39528",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39528"
            },
            {
              "name": "ADV-2010-1142",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1142"
            },
            {
              "name": "1023984",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023984"
            },
            {
              "name": "64689",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/64689"
            },
            {
              "name": "39787",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39787"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
              "ID": "CVE-2010-1511",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "40141",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/40141"
                },
                {
                  "name": "USN-938-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-938-1"
                },
                {
                  "name": "20100513 Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/511279/100/0/threaded"
                },
                {
                  "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
                },
                {
                  "name": "ADV-2010-1144",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1144"
                },
                {
                  "name": "http://secunia.com/secunia_research/2010-70/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2010-70/"
                },
                {
                  "name": "kde-metalink-file-overwrite(58629)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58629"
                },
                {
                  "name": "http://www.kde.org/info/security/advisory-20100513-1.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
                },
                {
                  "name": "ADV-2010-3096",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/3096"
                },
                {
                  "name": "FEDORA-2010-18029",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
                },
                {
                  "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
                },
                {
                  "name": "39528",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/39528"
                },
                {
                  "name": "ADV-2010-1142",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1142"
                },
                {
                  "name": "1023984",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023984"
                },
                {
                  "name": "64689",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/64689"
                },
                {
                  "name": "39787",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/39787"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "assignerShortName": "flexera",
        "cveId": "CVE-2010-1511",
        "datePublished": "2010-05-17T20:42:00.000Z",
        "dateReserved": "2010-04-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T01:28:41.483Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-1000 (GCVE-0-2010-1000)

    Vulnerability from cvelistv5 – Published: 2010-05-17 20:42 – Updated: 2024-08-07 01:06
    VLAI
    Summary
    Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/40141 vdb-entryx_refsource_BID
    http://www.ubuntu.com/usn/USN-938-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2011/1101 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/42423 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/511294/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2010/1144 vdb-entryx_refsource_VUPEN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/secunia_research/2010-69/ x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/511281/100… mailing-listx_refsource_BUGTRAQ
    http://www.kde.org/info/security/advisory-2010051… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2010/3096 vdb-entryx_refsource_VUPEN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://marc.info/?l=oss-security&m=127378789518426&w=2 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/39528 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/1142 vdb-entryx_refsource_VUPEN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://securitytracker.com/id?1023984 vdb-entryx_refsource_SECTRACK
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://osvdb.org/64690 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/39787 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-05-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T01:06:52.535Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "40141",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/40141"
              },
              {
                "name": "USN-938-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-938-1"
              },
              {
                "name": "ADV-2011-1101",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1101"
              },
              {
                "name": "42423",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42423"
              },
              {
                "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
              },
              {
                "name": "ADV-2010-1144",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1144"
              },
              {
                "name": "MDVSA-2010:098",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:098"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2010-69/"
              },
              {
                "name": "kde-name-directory-traversal(58628)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58628"
              },
              {
                "name": "20100513 Secunia Research: KDE KGet metalink \"name\" Directory Traversal Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/511281/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
              },
              {
                "name": "ADV-2010-3096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/3096"
              },
              {
                "name": "FEDORA-2010-18029",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
              },
              {
                "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
              },
              {
                "name": "39528",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39528"
              },
              {
                "name": "ADV-2010-1142",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1142"
              },
              {
                "name": "FEDORA-2011-5211",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058580.html"
              },
              {
                "name": "1023984",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023984"
              },
              {
                "name": "SUSE-SR:2010:024",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
              },
              {
                "name": "64690",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/64690"
              },
              {
                "name": "39787",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39787"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-05-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
            "shortName": "flexera"
          },
          "references": [
            {
              "name": "40141",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/40141"
            },
            {
              "name": "USN-938-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-938-1"
            },
            {
              "name": "ADV-2011-1101",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1101"
            },
            {
              "name": "42423",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42423"
            },
            {
              "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
            },
            {
              "name": "ADV-2010-1144",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1144"
            },
            {
              "name": "MDVSA-2010:098",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:098"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2010-69/"
            },
            {
              "name": "kde-name-directory-traversal(58628)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58628"
            },
            {
              "name": "20100513 Secunia Research: KDE KGet metalink \"name\" Directory Traversal Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/511281/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
            },
            {
              "name": "ADV-2010-3096",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/3096"
            },
            {
              "name": "FEDORA-2010-18029",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
            },
            {
              "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
            },
            {
              "name": "39528",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39528"
            },
            {
              "name": "ADV-2010-1142",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1142"
            },
            {
              "name": "FEDORA-2011-5211",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058580.html"
            },
            {
              "name": "1023984",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023984"
            },
            {
              "name": "SUSE-SR:2010:024",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
            },
            {
              "name": "64690",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/64690"
            },
            {
              "name": "39787",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39787"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
              "ID": "CVE-2010-1000",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "40141",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/40141"
                },
                {
                  "name": "USN-938-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-938-1"
                },
                {
                  "name": "ADV-2011-1101",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/1101"
                },
                {
                  "name": "42423",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42423"
                },
                {
                  "name": "20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/511294/100/0/threaded"
                },
                {
                  "name": "ADV-2010-1144",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1144"
                },
                {
                  "name": "MDVSA-2010:098",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:098"
                },
                {
                  "name": "http://secunia.com/secunia_research/2010-69/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2010-69/"
                },
                {
                  "name": "kde-name-directory-traversal(58628)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58628"
                },
                {
                  "name": "20100513 Secunia Research: KDE KGet metalink \"name\" Directory Traversal Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/511281/100/0/threaded"
                },
                {
                  "name": "http://www.kde.org/info/security/advisory-20100513-1.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.kde.org/info/security/advisory-20100513-1.txt"
                },
                {
                  "name": "ADV-2010-3096",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/3096"
                },
                {
                  "name": "FEDORA-2010-18029",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html"
                },
                {
                  "name": "[oss-security] 20100513 KDENetwork vulnerabilities",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127378789518426\u0026w=2"
                },
                {
                  "name": "39528",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/39528"
                },
                {
                  "name": "ADV-2010-1142",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1142"
                },
                {
                  "name": "FEDORA-2011-5211",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058580.html"
                },
                {
                  "name": "1023984",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023984"
                },
                {
                  "name": "SUSE-SR:2010:024",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
                },
                {
                  "name": "64690",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/64690"
                },
                {
                  "name": "39787",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/39787"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "assignerShortName": "flexera",
        "cveId": "CVE-2010-1000",
        "datePublished": "2010-05-17T20:42:00.000Z",
        "dateReserved": "2010-03-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T01:06:52.535Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0436 (GCVE-0-2010-0436)

    Vulnerability from cvelistv5 – Published: 2010-04-15 17:00 – Updated: 2024-08-07 00:52
    VLAI
    Summary
    Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2010/dsa-2037 vendor-advisoryx_refsource_DEBIAN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/39481 third-party-advisoryx_refsource_SECUNIA
    http://rhn.redhat.com/errata/RHSA-2010-0348.html vendor-advisoryx_refsource_REDHAT
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    https://bugzilla.redhat.com/show_bug.cgi?id=570613 x_refsource_CONFIRM
    http://secunia.com/advisories/39419 third-party-advisoryx_refsource_SECUNIA
    ftp://ftp.kde.org/pub/kde/security_patches/kdebas… x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.kde.org/info/security/advisory-2010041… x_refsource_CONFIRM
    http://secunia.com/advisories/39506 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/0879 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/39467 vdb-entryx_refsource_BID
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    Date Public
    2010-04-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:52:17.347Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-2037",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2010/dsa-2037"
              },
              {
                "name": "kde-kdm-privilege-escalation(57823)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57823"
              },
              {
                "name": "39481",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39481"
              },
              {
                "name": "RHSA-2010:0348",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2010-0348.html"
              },
              {
                "name": "FEDORA-2010-6605",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039533.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=570613"
              },
              {
                "name": "39419",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39419"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.kde.org/pub/kde/security_patches/kdebase-workspace-4.3.5-CVE-2010-0436.diff"
              },
              {
                "name": "SUSE-SR:2010:009",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20100413-1.txt"
              },
              {
                "name": "39506",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39506"
              },
              {
                "name": "ADV-2010-0879",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0879"
              },
              {
                "name": "39467",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/39467"
              },
              {
                "name": "oval:org.mitre.oval:def:9999",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9999"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-04-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "DSA-2037",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2010/dsa-2037"
            },
            {
              "name": "kde-kdm-privilege-escalation(57823)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57823"
            },
            {
              "name": "39481",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39481"
            },
            {
              "name": "RHSA-2010:0348",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2010-0348.html"
            },
            {
              "name": "FEDORA-2010-6605",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039533.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=570613"
            },
            {
              "name": "39419",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39419"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.kde.org/pub/kde/security_patches/kdebase-workspace-4.3.5-CVE-2010-0436.diff"
            },
            {
              "name": "SUSE-SR:2010:009",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20100413-1.txt"
            },
            {
              "name": "39506",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39506"
            },
            {
              "name": "ADV-2010-0879",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0879"
            },
            {
              "name": "39467",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/39467"
            },
            {
              "name": "oval:org.mitre.oval:def:9999",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9999"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2010-0436",
        "datePublished": "2010-04-15T17:00:00.000Z",
        "dateReserved": "2010-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:52:17.347Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0923 (GCVE-0-2010-0923)

    Vulnerability from cvelistv5 – Published: 2010-03-03 19:00 – Updated: 2024-09-17 00:11
    VLAI
    Summary
    Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T01:06:52.502Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/?view=revision\u0026revision=1089241"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.kde.org/show_bug.cgi?id=226449"
              },
              {
                "name": "38600",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38600"
              },
              {
                "name": "[oss-security] 20100212 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=126600468622421\u0026w=2"
              },
              {
                "name": "[oss-security] 20100212 Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=126599909614401\u0026w=2"
              },
              {
                "name": "[oss-security] 20100217 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2010/02/17/3"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/?revision=1089213\u0026view=revision"
              },
              {
                "name": "[oss-security] 20100212 CVE Request: KDE screensaver unlock issue similar to GNOME one",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=126598163422670\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.novell.com/show_bug.cgi?id=579280"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20100217-1.txt"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://websvn.kde.org/trunk/KDE/kdebase/workspace/krunner/lock/lockdlg.cc?r1=1089213\u0026r2=1089212\u0026pathrev=1089213"
              },
              {
                "name": "1023641",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023641"
              },
              {
                "name": "ADV-2010-0409",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0409"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.kde.org/show_bug.cgi?id=217882"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-03-03T19:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/?view=revision\u0026revision=1089241"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.kde.org/show_bug.cgi?id=226449"
            },
            {
              "name": "38600",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38600"
            },
            {
              "name": "[oss-security] 20100212 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=126600468622421\u0026w=2"
            },
            {
              "name": "[oss-security] 20100212 Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=126599909614401\u0026w=2"
            },
            {
              "name": "[oss-security] 20100217 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2010/02/17/3"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/?revision=1089213\u0026view=revision"
            },
            {
              "name": "[oss-security] 20100212 CVE Request: KDE screensaver unlock issue similar to GNOME one",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=126598163422670\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=579280"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20100217-1.txt"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://websvn.kde.org/trunk/KDE/kdebase/workspace/krunner/lock/lockdlg.cc?r1=1089213\u0026r2=1089212\u0026pathrev=1089213"
            },
            {
              "name": "1023641",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023641"
            },
            {
              "name": "ADV-2010-0409",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0409"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.kde.org/show_bug.cgi?id=217882"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-0923",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://websvn.kde.org/?view=revision\u0026revision=1089241",
                  "refsource": "CONFIRM",
                  "url": "http://websvn.kde.org/?view=revision\u0026revision=1089241"
                },
                {
                  "name": "http://bugs.kde.org/show_bug.cgi?id=226449",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.kde.org/show_bug.cgi?id=226449"
                },
                {
                  "name": "38600",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38600"
                },
                {
                  "name": "[oss-security] 20100212 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=126600468622421\u0026w=2"
                },
                {
                  "name": "[oss-security] 20100212 Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=126599909614401\u0026w=2"
                },
                {
                  "name": "[oss-security] 20100217 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2010/02/17/3"
                },
                {
                  "name": "http://websvn.kde.org/?revision=1089213\u0026view=revision",
                  "refsource": "CONFIRM",
                  "url": "http://websvn.kde.org/?revision=1089213\u0026view=revision"
                },
                {
                  "name": "[oss-security] 20100212 CVE Request: KDE screensaver unlock issue similar to GNOME one",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=126598163422670\u0026w=2"
                },
                {
                  "name": "https://bugzilla.novell.com/show_bug.cgi?id=579280",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.novell.com/show_bug.cgi?id=579280"
                },
                {
                  "name": "http://www.kde.org/info/security/advisory-20100217-1.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.kde.org/info/security/advisory-20100217-1.txt"
                },
                {
                  "name": "http://websvn.kde.org/trunk/KDE/kdebase/workspace/krunner/lock/lockdlg.cc?r1=1089213\u0026r2=1089212\u0026pathrev=1089213",
                  "refsource": "CONFIRM",
                  "url": "http://websvn.kde.org/trunk/KDE/kdebase/workspace/krunner/lock/lockdlg.cc?r1=1089213\u0026r2=1089212\u0026pathrev=1089213"
                },
                {
                  "name": "1023641",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023641"
                },
                {
                  "name": "ADV-2010-0409",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0409"
                },
                {
                  "name": "https://bugs.kde.org/show_bug.cgi?id=217882",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.kde.org/show_bug.cgi?id=217882"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-0923",
        "datePublished": "2010-03-03T19:00:00.000Z",
        "dateReserved": "2010-03-03T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:11:48.522Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }