Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1586

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2011-1586
Last Modified 06 Sep 2011 11:16:15
Published 26 Apr 2011 08:55:04
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1586

Summary

Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000.

Vulnerable Systems

Application

  • Kde Sc 2.2.0

  • Kde Sc 3.5.10

  • Kde Sc 4.0.0

  • Kde Sc 4.0.1

  • Kde Sc 4.0.2

  • Kde Sc 4.0.3

  • Kde Sc 4.0.4

  • Kde Sc 4.0.5

  • Kde Sc 4.1.0

  • Kde Sc 4.1.1

  • Kde Sc 4.1.2

  • Kde Sc 4.1.3

  • Kde Sc 4.1.4

  • Kde Sc 4.1.80

  • Kde Sc 4.1.85

  • Kde Sc 4.1.96

  • Kde Sc 4.2

  • Kde Sc 4.2.0

  • Kde Sc 4.2.1

  • Kde Sc 4.2.2

  • Kde Sc 4.2.3

  • Kde Sc 4.2.4

  • Kde Sc 4.3.0

  • Kde Sc 4.3.1

  • Kde Sc 4.3.2

  • Kde Sc 4.3.3

  • Kde Sc 4.3.4

  • Kde Sc 4.3.5

  • Kde Sc 4.4.0

  • Kde Sc 4.4.1

  • Kde Sc 4.4.2

  • Kde Sc 4.4.3

  • Kde Sc 4.4.4

  • Kde Sc 4.4.5

  • Kde Sc 4.5.0

  • Kde Sc 4.5.1

  • Kde Sc 4.5.2

  • Kde Sc 4.5.3

  • Kde Sc 4.5.4

  • Kde Sc 4.5.5

  • Kde Sc 4.6

  • Kde Sc 4.6.0

  • Kde Sc 4.6.1

  • Kde Sc 4.6.2


References

CONFIRM - http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471&r2=1227470&pathrev=1227471

CONFIRM - http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468&r2=1227467&pathrev=1227468

CONFIRM - https://launchpad.net/bugs/757526

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=697042

XF - kget-name-directory-traversal(66826)

VUPEN - ADV-2011-1135

VUPEN - ADV-2011-1021

VUPEN - ADV-2011-1019

UBUNTU - USN-1114-1

REDHAT - RHSA-2011:0465

MANDRIVA - MDVSA-2011:081

CONFIRM - http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469&r2=1227468&pathrev=1227469

SECUNIA - 44329

SECUNIA - 44124

MLIST - [oss-security] 20110415 Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network


Last Updated: 27 May 2016 10:56:23