Shodan
Vulnerabilities
Vulnerable Software
Kde:  >> Kde  Security Vulnerabilities
CVE-2002-1224
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
CVSS Score
5.0
EPSS Score
0.118
Published
2002-10-28
CVE-2002-1151
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains.
CVSS Score
7.5
EPSS Score
0.028
Published
2002-10-11
CVE-2002-1152
Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing.
CVSS Score
7.5
EPSS Score
0.009
Published
2002-10-11
CVE-2002-0970
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
CVSS Score
7.5
EPSS Score
0.024
Published
2002-09-24
CVE-2002-0227
KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.
CVSS Score
5.0
EPSS Score
0.029
Published
2002-05-16
CVE-2001-0610
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-08-02
CVE-2000-0530
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-05-31
CVE-2000-0460
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable.
CVSS Score
7.2
EPSS Score
0.003
Published
2000-05-27
CVE-2000-0393
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
CVSS Score
7.2
EPSS Score
0.003
Published
2000-05-16
CVE-2000-0371
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.
CVSS Score
1.2
EPSS Score
0.001
Published
1999-03-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved