Kde: Security Vulnerabilities
KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
CVSS Score
4.6
EPSS Score
0.001
Published
1998-07-11
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.
CVSS Score
7.2
EPSS Score
0.001
Published
1998-05-16
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument.
CVSS Score
7.2
EPSS Score
0.002
Published
1998-04-29
Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file.
CVSS Score
2.1
EPSS Score
0.001
Published
1998-02-06
KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server.
CVSS Score
5.0
EPSS Score
0.004
Published
1997-05-05
Page 20