Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2005-2101

Published: 17/08/2005 Updated: 05/09/2008
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Kde

Vulnerability Summary

langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files.

Vulnerable Product Search on Vulmon Subscribe to Product

kde kde 3.0

kde kde 3.0.1

kde kde 3.0.2

kde kde 3.0.3

kde kde 3.2

kde kde 3.2.0_beta1

kde kde 3.2.1

kde kde 3.2.2

kde kde 3.1.1

kde kde 3.1.2

kde kde 3.1.3

kde kde 3.1.4

kde kde 3.4

kde kde 3.4.1

kde kde 3.4.2

kde kde 3.0.5

kde kde 3.1

kde kde 3.1.5

kde kde 3.1_beta1

kde kde 3.3

kde kde 3.3.2

kde kde 3.0.4

kde kde 3.0.5a

kde kde 3.1_alpha1

kde kde 3.1_beta2

kde kde 3.2.3

kde kde 3.3.1

Vendor Advisories

Debian Security Advisories: DSA-818-1 kdeedu -- insecure temporary files
Javier Fernández-Sanguino Peña discovered that langen2kvhtml from the kvoctrain package from the kdeedu suite creates temporary files in an insecure fashion This leaves them open for symlink attacks The old stable distribution (woody) is not affected by these problems For the stable distribution (sarge) these problems have been fixed in versio ...

References

NVD-CWE-Otherhttp://www.kde.org/info/security/advisory-20050815-1.txthttp://www.mandriva.com/security/advisories?name=MDKSA-2005:159http://www.debian.org/security/2005/dsa-818http://www.securityfocus.com/bid/14561http://securitytracker.com/id?1014675http://secunia.com/advisories/16428https://nvd.nist.govhttps://www.debian.org/security/./dsa-818
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook