This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Kde | First view | 2014-07-01 |
| Product | Kdelibs | Last view | 2017-05-17 |
| Version | 4.12.95 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:kde:kdelibs | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2017-05-17 | CVE-2017-8422 | KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. |
| 5.5 | 2017-03-02 | CVE-2017-6410 | kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file. |
| 6.9 | 2014-08-19 | CVE-2014-5033 | KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions." |
| 4.3 | 2014-07-01 | CVE-2014-3494 | kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (1) | CWE-362 | Race Condition |
| 25% (1) | CWE-319 | Cleartext Transmission of Sensitive Information |
| 25% (1) | CWE-290 | Authentication Bypass by Spoofing |
| 25% (1) | CWE-200 | Information Exposure |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2017-07-17 | Name: The remote Fedora host is missing a security update. File: fedora_2017-dd51077c87.nasl - Type: ACT_GATHER_INFO |
| 2017-07-17 | Name: The remote Fedora host is missing a security update. File: fedora_2017-0898c704a1.nasl - Type: ACT_GATHER_INFO |
| 2017-07-13 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2017-1264.nasl - Type: ACT_GATHER_INFO |
| 2017-06-28 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201706-29.nasl - Type: ACT_GATHER_INFO |
| 2017-05-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-952.nasl - Type: ACT_GATHER_INFO |
| 2017-05-23 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20170522_kdelibs_on_SL7_x.nasl - Type: ACT_GATHER_INFO |
| 2017-05-23 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-1264.nasl - Type: ACT_GATHER_INFO |
| 2017-05-23 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2017-1264.nasl - Type: ACT_GATHER_INFO |
| 2017-05-23 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2017-1264.nasl - Type: ACT_GATHER_INFO |
| 2017-05-19 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2017-1335-1.nasl - Type: ACT_GATHER_INFO |
| 2017-05-17 | Name: The remote Fedora host is missing a security update. File: fedora_2017-8b4898ce81.nasl - Type: ACT_GATHER_INFO |
| 2017-05-17 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2017-136-02.nasl - Type: ACT_GATHER_INFO |
| 2017-05-16 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-3286-1.nasl - Type: ACT_GATHER_INFO |
| 2017-05-16 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2017-575.nasl - Type: ACT_GATHER_INFO |
| 2017-05-16 | Name: The remote Fedora host is missing a security update. File: fedora_2017-aff6f6bd9d.nasl - Type: ACT_GATHER_INFO |
| 2017-05-16 | Name: The remote Fedora host is missing a security update. File: fedora_2017-7e3437b905.nasl - Type: ACT_GATHER_INFO |
| 2017-05-16 | Name: The remote Fedora host is missing a security update. File: fedora_2017-6bdbf57f29.nasl - Type: ACT_GATHER_INFO |
| 2017-05-15 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3849.nasl - Type: ACT_GATHER_INFO |
| 2017-05-11 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_0baee383356c11e7b9a950e549ebab6c.nasl - Type: ACT_GATHER_INFO |
| 2017-03-14 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2017-334.nasl - Type: ACT_GATHER_INFO |
| 2017-03-13 | Name: The remote Fedora host is missing a security update. File: fedora_2017-4f4eef4791.nasl - Type: ACT_GATHER_INFO |
| 2017-03-13 | Name: The remote Fedora host is missing a security update. File: fedora_2017-b011e8c922.nasl - Type: ACT_GATHER_INFO |
| 2017-03-13 | Name: The remote Fedora host is missing a security update. File: fedora_2017-01eed6fe8c.nasl - Type: ACT_GATHER_INFO |
| 2017-03-10 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-3223-1.nasl - Type: ACT_GATHER_INFO |
| 2017-03-06 | Name: The remote Fedora host is missing a security update. File: fedora_2017-f9ab92fa6c.nasl - Type: ACT_GATHER_INFO |
