CVE-2008-1671

CWE-166 documents6 sources

Severity

4.6MEDIUM

EPSS

0.1%

top 67.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

KDE KDE

Timeline

PublishedApr 28

Latest updateMay 3

Description

start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDkde/kde5 versions+4

🔴Vulnerability Details

GHSA

GHSA-59rx-cg4h-mhrj: start_kdeinit in KDE 3↗2022-05-03

▶

CVEList

CVE-2008-1671: start_kdeinit in KDE 3↗2008-04-28

▶

📋Vendor Advisories

Ubuntu

KDE vulnerability↗2008-05-06

▶

Red Hat

kdelibs: multiple vulnerabilities in start_kdeinit↗2008-04-26

▶

💬Community

Bugzilla

CVE-2008-1671 kdelibs: multiple vulnerabilities in start_kdeinit↗2008-04-23

▶