Vulnerability in Conectiva Linux
CVE-2005-0754
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
EPSS: 0.030 (85.5th percentile) — read the EPSS interpretation.
Affected products
- Conectiva Linux — versions 9.0, 10.0
- Gentoo Linux
- Kde — versions 3.2, 3.2.1, 3.2.2
- Kde Quanta — versions 3.1
- Redhat Fedora_core — versions core_3.0
- Ubuntu Ubuntu_linux — versions 4.1, 5.04
- N/a — versions n/a
References
- secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- secalert@redhat.com (mailing-list, x_refsource_BUGTRAQ)
- secalert@redhat.com (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (Patch, vdb-entry, x_refsource_BID, Vendor Advisory)