Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0204

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0204
Last Modified 10 Sep 2008 03:18:14
Published 05 May 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0204

Summary

KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.

Vulnerable Systems

Operating System

  • Kde 2.0

  • Kde 2.0.1

  • Kde 2.1

  • Kde 2.1.1

  • Kde 2.1.2

  • Kde 2.2

  • Kde 2.2.1

  • Kde 2.2.2

  • Kde 3.0

  • Kde 3.0.1

  • Kde 3.0.2

  • Kde 3.0.3

  • Kde 3.0.3a

  • Kde 3.0.4

  • Kde 3.0.5

  • Kde 3.0.5a

  • Kde 3.1

  • Kde 3.1.1


References

CONFIRM - http://www.kde.org/info/security/advisory-20030409-1.txt

DEBIAN - DSA-284

REDHAT - RHSA-2003:002

DEBIAN - DSA-296

DEBIAN - DSA-293

CONFIRM - http://bugs.kde.org/show_bug.cgi?id=56808

CONFIRM - http://bugs.kde.org/show_bug.cgi?id=53343

MANDRAKE - MDKSA-2003:049

BUGTRAQ - 20030414 GLSA: kde-2.x (200304-05.1)

BUGTRAQ - 20030412 [Sorcerer-spells] KDE-SORCERER2003-04-12

BUGTRAQ - 20030411 GLSA: kde-2.x (200304-05)

BUGTRAQ - 20030410 GLSA: kde-3.x (200304-04)

CONECTIVA - CLA-2003:747

CONECTIVA - CLA-2003:668


Last Updated: 27 May 2016 10:37:49