Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
References
Link | Resource |
---|---|
ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff | Vendor Advisory |
http://marc.info/?l=bugtraq&m=111419664411051&w=2 | |
http://secunia.com/advisories/15060 | Patch Vendor Advisory |
http://www.kde.org/info/security/advisory-20050420-1.txt | Patch Vendor Advisory |
http://www.securityfocus.com/bid/13313 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2005-04-24T04:00:00
Updated: 2016-10-17T13:57:01
Reserved: 2005-03-17T00:00:00
Link: CVE-2005-0754
JSON object: View
NVD Information
Status : Modified
Published: 2005-04-22T04:00:00.000
Modified: 2016-10-18T03:14:10.187
Link: CVE-2005-0754
JSON object: View
Redhat Information
No data.
CWE