7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.136 Low
EPSS
Percentile
95.6%
CentOS Errata and Security Advisory CESA-2005:393
KDE is a graphical desktop environment for the X Window System. Konqueror
is the file manager for the K Desktop Environment.
A source code audit performed by the KDE security team discovered several
vulnerabilities in the PCX and other image file format readers.
A buffer overflow was found in the kimgio library for KDE 3.4.0. An
attacker could create a carefully crafted PCX image in such a way that it
would cause kimgio to execute arbitrary code when processing the image.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-1046 to this issue.
All users of kdelibs should upgrade to these updated packages, which
contain a backported security patch to correct these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-May/073832.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073834.html
Affected packages:
kdelibs
kdelibs-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2005:393
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | ia64 | kdelibs | < 3.3.1-3.10 | kdelibs-3.3.1-3.10.ia64.rpm |
CentOS | 4 | ia64 | kdelibs-devel | < 3.3.1-3.10 | kdelibs-devel-3.3.1-3.10.ia64.rpm |
CentOS | 4 | i386 | kdelibs | < 3.3.1-3.10 | kdelibs-3.3.1-3.10.i386.rpm |
CentOS | 4 | i386 | kdelibs-devel | < 3.3.1-3.10 | kdelibs-devel-3.3.1-3.10.i386.rpm |
CentOS | 4 | i386 | kdelibs | < 3.3.1-3.10 | kdelibs-3.3.1-3.10.i386.rpm |
CentOS | 4 | x86_64 | kdelibs | < 3.3.1-3.10 | kdelibs-3.3.1-3.10.x86_64.rpm |
CentOS | 4 | x86_64 | kdelibs-devel | < 3.3.1-3.10 | kdelibs-devel-3.3.1-3.10.x86_64.rpm |