7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.056 Low
EPSS
Percentile
93.3%
KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. Kopete (also part of kdenetwork) is the KDE Instant Messenger.
Kopete contains an internal copy of libgadu and is therefore subject to several input validation vulnerabilities in libgadu.
A remote attacker could exploit this vulnerability to execute arbitrary code or crash Kopete.
Delete all Gadu Gadu contacts.
All Kopete users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose kde-base/kdenetwork
All KDE Split Ebuild Kopete users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=kde-base/kopete-3.4.1-r1"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | kde-base/kdenetwork | < 3.4.1-r1 | UNKNOWN |
Gentoo | any | all | kde-base/kopete | < 3.4.1-r1 | UNKNOWN |