Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2005:065
HistoryFeb 15, 2005 - 12:00 a.m.

(RHSA-2005:065) kdelibs security update

2005-02-1500:00:00
access.redhat.com
32

EPSS

0.811

Percentile

98.4%

JSON

The kdelibs packages include libraries for the K Desktop Environment.

Two flaws were found in the sandbox environment used to run Java-applets in
the Konqueror web browser. If a user has Java enabled in Konqueror and
visits a malicious website, the website could run a carefully crafted
Java-applet and obtain escalated privileges allowing reading and writing of
arbitrary files with the privileges of the victim. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-1145 to this issue.

A flaw was discovered in the FTP kioslave. KDE applications such as
Konqueror could be forced to execute arbitrary FTP commands via a carefully
crafted ftp URL. The URL could also be crafted in such a way as to send an
arbitrary email via SMTP. An attacker could make use of this flaw if a
victim visits a malicious web site. The Common Vulnerabilities and
Exposures project has assigned the name CAN-2004-1165 to this issue.

Users should update to these erratum packages which contain backported
patches to correct these issues.

Related

nessus 9
cvelist 2
securityvulns 2
openvas 10
freebsd 1
cve 2
gentoo 2
cert 1
nvd 2
debian 2
ubuntucve 2
osv 1
exploitdb 1
redhat 1
nessus
nessus
RHEL 4 : kdelibs (RHSA-2005:065)
2005-02-22 00:00:00
Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:160)
2005-01-02 00:00:00
FreeBSD : kdelibs3 -- konqueror FTP command injection vulnerability (832e9d75-5bfc-11d9-a9e7-0001020eed82)
2005-07-13 00:00:00
cvelist
cvelist
CVE-2004-1145
2004-12-31 05:00:00
CVE-2004-1165
2004-12-10 05:00:00
securityvulns
securityvulns
KDE Security Advisory: Konqueror Java Vulnerability
2004-12-21 00:00:00
KDE Security Advisory: Konqueror Java Vulnerability
2004-12-21 00:00:00
openvas
openvas
FreeBSD Ports: ja-kdelibs, kdelibs
2008-09-04 00:00:00
Debian: Security Advisory (DSA-631-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200501-16 (Konqueror, kde, kdelibs)
2008-09-24 00:00:00
freebsd
freebsd
kdelibs3 -- konqueror FTP command injection vulnerability
2004-12-01 00:00:00
cve
cve
CVE-2004-1165
2005-01-10 05:00:00
CVE-2004-1145
2004-12-31 05:00:00
gentoo
gentoo
Konqueror: Java sandbox vulnerabilities
2005-01-11 00:00:00
KDE FTP KIOslave: Command injection
2005-01-11 00:00:00
cert
cert
Konqueror fails to restrict access to Java classes
2005-01-05 00:00:00
nvd
nvd
CVE-2004-1145
2004-12-15 05:00:00
CVE-2004-1165
2005-01-10 05:00:00
debian
debian
[SECURITY] [DSA 631-1] New kdlibs packages fix arbitrary FTP command execution
2005-01-10 11:07:44
[SECURITY] [DSA 631-1] New kdlibs packages fix arbitrary FTP command execution
2005-01-10 11:07:44
ubuntucve
ubuntucve
CVE-2004-1165
2005-01-10 00:00:00
CVE-2004-1145
2004-12-15 00:00:00
osv
osv
kdelibs - unsanitised input
2005-01-10 00:00:00
exploitdb
exploitdb
KDE FTP - KIOSlave URI Arbitrary FTP Server Command Execution
2004-12-06 00:00:00
redhat
redhat
(RHSA-2005:009) kdelibs, kdebase security update
2005-02-10 00:00:00

EPSS

0.811

Percentile

98.4%

JSON
Related for RHSA-2005:065
nessus9cvelist2securityvulns2openvas10freebsd1cve2gentoo2cert1nvd2debian2ubuntucve2osv1exploitdb1redhat1