| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2012-3455 |
119 |
|
DoS Exec Code Overflow |
2012-08-20 |
2012-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase. |
|
2 |
CVE-2009-2702 |
310 |
|
|
2009-09-08 |
2012-01-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. |
|
3 |
CVE-2007-4941 |
399 |
|
DoS |
2007-09-18 |
2008-11-15 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a .avi file with certain large "indx truck size" and nEntriesInuse values. |
|
4 |
CVE-2007-1565 |
|
|
DoS |
2007-03-21 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Konqueror 3.5.5 allows remote attackers to cause a denial of service (crash) by using JavaScript to read a child iframe having an ftp:// URI. |
|
5 |
CVE-2007-1265 |
|
|
|
2007-03-06 |
2008-11-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
Complete |
None |
|
KMail 1.9.5 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents KMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. |
|
6 |
CVE-2006-0019 |
|
|
Exec Code Overflow |
2006-01-20 |
2010-08-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI. |
|
7 |
CVE-2005-2971 |
|
|
Exec Code Overflow |
2005-10-20 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file. |
|
8 |
CVE-2005-2494 |
|
|
|
2005-09-06 |
2010-08-21 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files. |
|
9 |
CVE-2005-1852 |
189 |
|
DoS Exec Code Overflow |
2005-07-26 |
2010-12-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message. |
|
10 |
CVE-2005-1046 |
|
|
Exec Code Overflow |
2005-05-02 |
2010-08-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file. |
|
11 |
CVE-2005-0754 |
|
|
Exec Code |
2005-04-22 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. |
|
12 |
CVE-2005-0206 |
|
|
Overflow |
2005-04-27 |
2010-08-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. |
|
13 |
CVE-2004-1165 |
|
|
Exec Code |
2005-01-10 |
2010-08-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command. |
|
14 |
CVE-2004-1158 |
|
|
|
2005-01-10 |
2010-08-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. |
|
15 |
CVE-2004-0867 |
264 |
|
|
2004-12-23 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected. |
|
16 |
CVE-2004-0866 |
|
|
|
2004-09-16 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. |
|
17 |
CVE-2004-0803 |
|
|
Exec Code Overflow |
2004-12-23 |
2010-08-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. |
|
18 |
CVE-2004-0746 |
|
|
|
2004-10-20 |
2010-08-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. |
|
19 |
CVE-2004-0721 |
|
|
|
2004-07-27 |
2010-08-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. |
|
20 |
CVE-2004-0411 |
|
|
Exec Code |
2004-07-07 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code. |
|
21 |
CVE-2003-0988 |
|
|
Exec Code Overflow |
2004-02-17 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file. |
|
22 |
CVE-2003-0692 |
|
|
|
2003-10-06 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. |
|
23 |
CVE-2003-0592 |
|
|
Dir. Trav. Bypass |
2004-04-15 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. |
|
24 |
CVE-2003-0370 |
|
|
|
2003-06-16 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. |
|
25 |
CVE-2003-0256 |
|
|
Exec Code |
2003-05-27 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands. |
|
26 |
CVE-2003-0204 |
|
|
Exec Code |
2003-05-05 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer. |
|
27 |
CVE-2002-1393 |
|
|
Exec Code |
2003-01-17 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. |
|
28 |
CVE-2002-1306 |
|
|
Exec Code Overflow |
2002-11-29 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL. |
|
29 |
CVE-2002-1282 |
|
|
Exec Code |
2002-11-29 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL. |
|
30 |
CVE-2002-1281 |
|
|
Exec Code |
2002-11-29 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL. |
|
31 |
CVE-2002-1247 |
|
|
Overflow |
2002-11-29 |
2008-09-10 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. |
|
32 |
CVE-2002-1223 |
|
|
DoS Exec Code Overflow |
2002-10-28 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. |
|
33 |
CVE-2002-1152 |
|
|
|
2002-10-11 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing. |
|
34 |
CVE-2002-1151 |
|
|
XSS |
2002-10-11 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains. |
|
35 |
CVE-2002-0970 |
|
|
|
2002-09-24 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. |
|
36 |
CVE-2002-0862 |
|
|
|
2002-10-04 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS. |
|
37 |
CVE-2001-0782 |
|
|
+Priv |
2001-10-18 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file. |
|
38 |
CVE-2000-0918 |
|
|
Exec Code |
2000-12-19 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters. |
|
39 |
CVE-2000-0530 |
|
|
|
2000-05-31 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. |
|
40 |
CVE-2000-0460 |
|
|
Overflow +Priv |
2000-05-27 |
2008-09-10 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. |
|
41 |
CVE-2000-0393 |
|
|
+Priv |
2000-05-16 |
2008-09-10 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. |
|
42 |
CVE-2000-0373 |
|
|
+Priv |
1999-06-01 |
2008-09-10 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges. |
|
43 |
CVE-1999-1268 |
|
|
|
1999-01-06 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices. |
|
44 |
CVE-1999-1107 |
|
|
Overflow |
1998-11-18 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable. |
|
45 |
CVE-1999-1106 |
|
|
Overflow |
1998-04-29 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. |
|
46 |
CVE-1999-1096 |
|
|
Overflow +Priv |
1998-05-16 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. |
|
47 |
CVE-1999-0781 |
|
|
Exec Code |
1998-11-18 |
2008-09-09 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. |
