Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:8416
HistoryApr 23, 2005 - 12:00 a.m.

[KDE Security Advisory]: kimgio input validation errors

2005-04-2300:00:00
vulners.com
15

0.136 Low

EPSS

Percentile

95.6%

JSON

KDE Security Advisory: kimgio input validation errors
Original Release Date: 2005-04-21
URL: http://www.kde.org/info/security/advisory-20050421-1.txt

  1. References

     http://bugs.kde.org/102328
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046

  2. Systems affected:

     kdelibs as shipped with KDE 3.2 up to including KDE 3.4.

  3. Overview:

     kimgio contains a PCX image file format reader that does
 not properly perform input validation. A source code audit
 performed by the KDE security team discovered several
 vulnerabilities in the PCX and other image file format
 readers, some of them exploitable to execute arbitrary
 code.

  4. Impact:

     Remotly supplied, specially crafted image files can be used
 to execute arbitrary code.

  5. Solution:

     Source code patches have been made available which fix these
 vulnerabilities. Contact your OS vendor / binary package provider
 for information about how to obtain updated binary packages.

  6. Patch:

     A patch for KDE 3.4.0 is available from 
 ftp://ftp.kde.org/pub/kde/security_patches :

 78473d4dad612e6617eb6652eec2ab80  post-3.4.0-kdelibs-kimgio.diff

 A patch for KDE 3.3.2 is available from 
 ftp://ftp.kde.org/pub/kde/security_patches :

 8366d0e5c8101c315a0bdafac54536d6  post-3.3.2-kdelibs-kimgio.diff

  7. Time line and credits:

     24/03/2005 Notification of KDE by Bruno Rohee
 21/04/2005 Coordinated Public Disclosure

Related

cve 1
openvas 9
osv 1
nessus 8
cvelist 1
gentoo 1
nvd 1
freebsd 1
debian 2
redhat 1
ubuntu 1
ubuntucve 1
centos 1
suse 1
cve
cve
CVE-2005-1046
2005-05-02 04:00:00
openvas
openvas
SLES9: Security update for kdelibs3
2009-10-10 00:00:00
FreeBSD Ports: kdelibs
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200504-22 (KDE)
2008-09-24 00:00:00
osv
osv
kdelibs - several
2005-04-26 00:00:00
nessus
nessus
Debian DSA-714-1 : kdelibs - several vulnerabilities
2005-04-27 00:00:00
CentOS 4 : kdelibs (CESA-2005:393)
2006-07-05 00:00:00
GLSA-200504-22 : KDE kimgio: PCX handling buffer overflow
2005-04-25 00:00:00
cvelist
cvelist
CVE-2005-1046
2005-04-12 04:00:00
gentoo
gentoo
KDE kimgio: PCX handling buffer overflow
2005-04-22 00:00:00
nvd
nvd
CVE-2005-1046
2005-05-02 04:00:00
freebsd
freebsd
kdelibs -- kimgio input validation errors
2005-04-21 00:00:00
debian
debian
[SECURITY] [DSA 714-1] New kdelibs packages fix arbitrary code execution
2005-04-26 15:14:14
[SECURITY] [DSA 714-1] New kdelibs packages fix arbitrary code execution
2005-04-26 15:14:14
redhat
redhat
(RHSA-2005:393) kdelibs security update
2005-05-17 00:00:00
ubuntu
ubuntu
kimgio vulnerability
2005-05-03 00:00:00
ubuntucve
ubuntucve
CVE-2005-1046
2005-05-02 00:00:00
centos
centos
kdelibs security update
2005-05-18 01:20:41
suse
suse
remote code execution in kdelibs3
2005-04-11 15:41:36

0.136 Low

EPSS

Percentile

95.6%

JSON
Related for SECURITYVULNS:DOC:8416
cve1openvas9osv1nessus8cvelist1gentoo1nvd1freebsd1debian2redhat1ubuntu1ubuntucve1centos1suse1