CVE-2005-0011 — Improper Restriction of Operations within the Bounds of a Memory Buffer in KDE

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

4.9%

top 10.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

KDE

Timeline

PublishedMay 2

Latest updateMay 1

Description

Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDkde/kde3.3, 3.3.1, 3.3.2+2

Patches

Patch: secunia.com ↗Patch: www.kde.org ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-jx94-cc76-x227: Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI↗2022-05-01

▶

CVEList

CVE-2005-0011: Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI↗2005-02-16

▶