Kde: Security Vulnerabilities
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
CVSS Score
7.2
EPSS Score
0.003
Published
2000-05-16
KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.
CVSS Score
4.6
EPSS Score
0.001
Published
2000-01-04
Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-06-01
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.
CVSS Score
5.0
EPSS Score
0.008
Published
1999-06-01
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.
CVSS Score
1.2
EPSS Score
0.001
Published
1999-03-01
Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-01-06
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
CVSS Score
4.6
EPSS Score
0.001
Published
1998-11-18
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
CVSS Score
7.2
EPSS Score
0.001
Published
1998-11-18
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
CVSS Score
2.1
EPSS Score
0.001
Published
1998-11-18
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.
CVSS Score
7.2
EPSS Score
0.001
Published
1998-11-18