This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Kde First view 2010-05-17
Product Kde Sc Last view 2014-02-04
Version 4.2 Type Application
Update beta2  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:kde:kde_sc

Activity : Overall

Related : CVE

  Date Alert Description
6.8 2014-02-04 CVE-2011-2725

Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.

5 2013-09-16 CVE-2013-4132

KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass.

5.8 2011-04-26 CVE-2011-1586

Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000.

6.4 2010-05-17 CVE-2010-1511

KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.

5.8 2010-05-17 CVE-2010-1000

Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.

CWE : Common Weakness Enumeration

%idName
60% (3) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
20% (1) CWE-310 Cryptographic Issues
20% (1) CWE-264 Permissions, Privileges, and Access Controls

Open Source Vulnerability Database (OSVDB)

id Description
74943 KDE KGet ui/metalinkcreator/metalinker.cpp KGetMetalink::File::isValidNameAtt...
74180 KDE kdeutils Ark Traversal Arbitrary File Deletion
64690 KDE KGet file Element name Attribute Traversal Arbitrary File Creation
64689 KDE KGet Arbitrary Unacknowledged Download Arbitrary File Overwrite

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-06-06 Name : RedHat Update for kdenetwork RHSA-2011:0465-01
File : nvt/gb_RHSA-2011_0465-01_kdenetwork.nasl
2011-11-25 Name : Ubuntu Update for kdeutils USN-1276-1
File : nvt/gb_ubuntu_USN_1276_1.nasl
2011-05-10 Name : Ubuntu Update for kdenetwork USN-1114-1
File : nvt/gb_ubuntu_USN_1114_1.nasl
2011-05-06 Name : Mandriva Update for kdenetwork4 MDVSA-2011:081 (kdenetwork4)
File : nvt/gb_mandriva_MDVSA_2011_081.nasl
2011-04-22 Name : Fedora Update for kdenetwork FEDORA-2011-5211
File : nvt/gb_fedora_2011_5211_kdenetwork_fc13.nasl
2010-12-09 Name : Fedora Update for kdenetwork FEDORA-2010-18029
File : nvt/gb_fedora_2010_18029_kdenetwork_fc12.nasl
2010-05-28 Name : Fedora Update for kdemultimedia FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdemultimedia_fc11.nasl
2010-05-28 Name : Fedora Update for kdeartwork FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdeartwork_fc11.nasl
2010-05-28 Name : Fedora Update for kdelibs FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdelibs_fc11.nasl
2010-05-28 Name : Fedora Update for kdegraphics FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdegraphics_fc11.nasl
2010-05-28 Name : Fedora Update for kdegames FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdegames_fc11.nasl
2010-05-28 Name : Fedora Update for kdeedu FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdeedu_fc11.nasl
2010-05-28 Name : Fedora Update for kdebindings FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdebindings_fc11.nasl
2010-05-28 Name : Fedora Update for kdebase FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdebase_fc11.nasl
2010-05-28 Name : Fedora Update for kdebase-workspace FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdebase-workspace_fc11.nasl
2010-05-28 Name : Fedora Update for kdebase-runtime FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdebase-runtime_fc11.nasl
2010-05-28 Name : Fedora Update for kdeadmin FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdeadmin_fc11.nasl
2010-05-28 Name : Fedora Update for kdenetwork FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdenetwork_fc11.nasl
2010-05-28 Name : Fedora Update for kdepim-runtime FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdepim-runtime_fc11.nasl
2010-05-28 Name : Fedora Update for kdepim FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdepim_fc11.nasl
2010-05-28 Name : Fedora Update for kdepimlibs FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdepimlibs_fc11.nasl
2010-05-28 Name : Fedora Update for kdeplasma-addons FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdeplasma-addons_fc11.nasl
2010-05-28 Name : Fedora Update for kdesdk FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdesdk_fc11.nasl
2010-05-28 Name : Fedora Update for kdetoys FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdetoys_fc11.nasl
2010-05-28 Name : Fedora Update for kdeutils FEDORA-2010-8547
File : nvt/gb_fedora_2010_8547_kdeutils_fc11.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201412-08.nasl - Type: ACT_GATHER_INFO
2014-07-11 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_kde4-kdm-140630.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_4_ark-120228.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_3_kdenetwork4-101119.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2013-625.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2013-607.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2011-0465.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20110421_kdenetwork_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2012-03-07 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_ark-120229.nasl - Type: ACT_GATHER_INFO
2011-11-22 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-1276-1.nasl - Type: ACT_GATHER_INFO
2011-11-14 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_7fb9e7390e6d11e187cd00235a5f2c9a.nasl - Type: ACT_GATHER_INFO
2011-06-13 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-1114-1.nasl - Type: ACT_GATHER_INFO
2011-05-05 Name: The remote openSUSE host is missing a security update.
File: suse_11_1_kdenetwork3-101119.nasl - Type: ACT_GATHER_INFO
2011-05-05 Name: The remote openSUSE host is missing a security update.
File: suse_11_2_kdenetwork4-101119.nasl - Type: ACT_GATHER_INFO
2011-05-05 Name: The remote openSUSE host is missing a security update.
File: suse_11_1_kde4-kdnssd-101119.nasl - Type: ACT_GATHER_INFO
2011-05-03 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2011-081.nasl - Type: ACT_GATHER_INFO
2011-04-27 Name: The remote Fedora host is missing a security update.
File: fedora_2011-5774.nasl - Type: ACT_GATHER_INFO
2011-04-22 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2011-0465.nasl - Type: ACT_GATHER_INFO
2011-04-21 Name: The remote Fedora host is missing a security update.
File: fedora_2011-5211.nasl - Type: ACT_GATHER_INFO
2010-12-16 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_kde4-kdnssd-101119.nasl - Type: ACT_GATHER_INFO
2010-12-01 Name: The remote Fedora host is missing a security update.
File: fedora_2010-18029.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2010-8577.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2010-8547.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2010-8544.nasl - Type: ACT_GATHER_INFO
2010-05-19 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2010-098.nasl - Type: ACT_GATHER_INFO