Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0690

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2004-0690
Last Modified 10 Sep 2008 03:27:23
Published 28 Sep 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0690

Summary

The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory.

Vulnerable Systems

Operating System

  • Kde 3.2.1


References

CERT-VN - VU#330638

XF - kde-dcopserver-symlink(16962)

CONFIRM - http://www.kde.org/info/security/advisory-20040811-2.txt

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386

BID - 10924

GENTOO - 200408-13

SECUNIA - 12276

MANDRAKE - MDKSA-2004:086

BUGTRAQ - 20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities

CONECTIVA - CLA-2004:864


Last Updated: 27 May 2016 10:38:43