Vulnerability Details CVE-2002-1306
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.055
EPSS Ranking 89.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=103712329102632&w=2
- http://marc.info/?l=bugtraq&m=103728981029342&w=2
- http://www.ciac.org/ciac/bulletins/n-020.shtml
- http://www.debian.org/security/2002/dsa-214
- http://www.iss.net/security_center/static/10597.php
- http://www.iss.net/security_center/static/10598.php
- http://www.kde.org/info/security/advisory-20021111-2.txt
- http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-080.php
- http://www.novell.com/linux/security/advisories/2002_042_kdenetwork.html
- http://www.redhat.com/support/errata/RHSA-2002-220.html
- http://marc.info/?l=bugtraq&m=103712329102632&w=2
- http://marc.info/?l=bugtraq&m=103728981029342&w=2
- http://www.ciac.org/ciac/bulletins/n-020.shtml
- http://www.debian.org/security/2002/dsa-214
- http://www.iss.net/security_center/static/10597.php
- http://www.iss.net/security_center/static/10598.php
- http://www.kde.org/info/security/advisory-20021111-2.txt
- http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-080.php
- http://www.novell.com/linux/security/advisories/2002_042_kdenetwork.html
- http://www.redhat.com/support/errata/RHSA-2002-220.html
Products affected by CVE-2002-1306
-
cpe:2.3:o:kde:kde:2.1
-
cpe:2.3:o:kde:kde:2.1.1
-
cpe:2.3:o:kde:kde:2.1.2
-
cpe:2.3:o:kde:kde:2.2
-
cpe:2.3:o:kde:kde:2.2.1
-
cpe:2.3:o:kde:kde:2.2.2
-
cpe:2.3:o:kde:kde:3.0
-
cpe:2.3:o:kde:kde:3.0.1
-
cpe:2.3:o:kde:kde:3.0.2
-
cpe:2.3:o:kde:kde:3.0.3