CVE-2005-0754

4 documents4 sources

Severity

7.5HIGH

EPSS

2.3%

top 15.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Conectiva Linux KDE KDE KDE Quanta +2 more

Timeline

PublishedApr 22

Latest updateMay 3

Description

Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages4 packages

▶NVDkde/kde8 versions+7

▶NVDkde/quanta3.1

▶NVDconectiva/linux10.0, 9.0+1

▶NVDredhat/fedora_corecore_3.0

Also affects: Ubuntu Linux 4.1, 5.04

Patches

Patch: secunia.com ↗Patch: www.kde.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-hwmm-gww6-748j: Kommander in KDE 3↗2022-05-03

▶

CVEList

CVE-2005-0754: Kommander in KDE 3↗2005-04-24

▶

📋Vendor Advisories

Ubuntu

Kommander vulnerability↗2005-05-04

▶