The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=112171434023679&w=2 | Mailing List |
http://secunia.com/advisories/16099 | Broken Link |
http://secunia.com/advisories/23099 | Broken Link |
http://security.gentoo.org/glsa/glsa-200611-21.xml | Third Party Advisory |
http://securitytracker.com/id?1014512 | Broken Link Third Party Advisory VDB Entry |
http://www.debian.org/security/2005/dsa-804 | Third Party Advisory |
http://www.kde.org/info/security/advisory-20050718-1.txt | Patch Vendor Advisory |
http://www.novell.com/linux/security/advisories/2005_18_sr.html | Broken Link |
http://www.redhat.com/support/errata/RHSA-2005-612.html | Broken Link |
http://www.securityfocus.com/archive/1/427976/100/0/threaded | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/14297 | Broken Link Third Party Advisory VDB Entry |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434 | Broken Link |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2005-07-26T04:00:00
Updated: 2018-10-19T14:57:01
Reserved: 2005-06-08T00:00:00
Link: CVE-2005-1920
JSON object: View
NVD Information
Status : Analyzed
Published: 2005-07-26T04:00:00.000
Modified: 2024-01-25T21:11:47.290
Link: CVE-2005-1920
JSON object: View
Redhat Information
No data.
CWE