Published: 05/05/2003 Updated: 18/10/2016

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

KDE 2 and KDE 3.1.1 and previous versions 3.x versions allows malicious users to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kde kde 2.0
kde kde 2.2.2
kde kde 3.0
kde kde 3.1
kde kde 3.1.1
kde kde 2.0.1
kde kde 2.1
kde kde 3.0.1
kde kde 3.0.2
kde kde 2.1.1
kde kde 2.1.2
kde kde 3.0.3
kde kde 3.0.3a
kde kde 2.2
kde kde 2.2.1
kde kde 3.0.4
kde kde 3.0.5
kde kde 3.0.5a

The KDE team discovered a vulnerability in the way KDE uses Ghostscript software for processing of PostScript (PS) and PDF files An attacker could provide a malicious PostScript or PDF file via mail or websites that could lead to executing arbitrary commands under the privileges of the user viewing the file or when the browser generates a director ...

NVD-CWE-Other http://www.kde.org/info/security/advisory-20030409-1.txt http://www.debian.org/security/2003/dsa-284 http://bugs.kde.org/show_bug.cgi?id=56808 http://bugs.kde.org/show_bug.cgi?id=53343 http://www.debian.org/security/2003/dsa-293 http://www.debian.org/security/2003/dsa-296 http://www.redhat.com/support/errata/RHSA-2003-002.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000668 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 http://www.mandriva.com/security/advisories?name=MDKSA-2003:049 http://marc.info/?l=bugtraq&m=105017403010459&w=2 http://marc.info/?l=bugtraq&m=105012994719099&w=2 http://marc.info/?l=bugtraq&m=105034222521369&w=2 http://marc.info/?l=bugtraq&m=105001557020141&w=2 https://nvd.nist.gov https://www.debian.org/security/./dsa-284

CVE-2003-0204

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect