Vulnerability Details CVE-2005-1920
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 84.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=112171434023679&w=2
- http://secunia.com/advisories/16099
- http://secunia.com/advisories/23099
- http://security.gentoo.org/glsa/glsa-200611-21.xml
- http://securitytracker.com/id?1014512
- http://www.debian.org/security/2005/dsa-804
- http://www.kde.org/info/security/advisory-20050718-1.txt
- http://www.novell.com/linux/security/advisories/2005_18_sr.html
- http://www.redhat.com/support/errata/RHSA-2005-612.html
- http://www.securityfocus.com/archive/1/427976/100/0/threaded
- http://www.securityfocus.com/bid/14297
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434
- http://marc.info/?l=bugtraq&m=112171434023679&w=2
- http://secunia.com/advisories/16099
- http://secunia.com/advisories/23099
- http://security.gentoo.org/glsa/glsa-200611-21.xml
- http://securitytracker.com/id?1014512
- http://www.debian.org/security/2005/dsa-804
- http://www.kde.org/info/security/advisory-20050718-1.txt
- http://www.novell.com/linux/security/advisories/2005_18_sr.html
- http://www.redhat.com/support/errata/RHSA-2005-612.html
- http://www.securityfocus.com/archive/1/427976/100/0/threaded
- http://www.securityfocus.com/bid/14297
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434
Products affected by CVE-2005-1920
-
cpe:2.3:o:debian:debian_linux:3.1
-
cpe:2.3:o:kde:kde:3.2
-
cpe:2.3:o:kde:kde:3.2.1
-
cpe:2.3:o:kde:kde:3.2.2
-
cpe:2.3:o:kde:kde:3.3
-
cpe:2.3:o:kde:kde:3.3.1
-
cpe:2.3:o:kde:kde:3.3.2
-
cpe:2.3:o:kde:kde:3.4.0