GCVE - cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*

part: o version: 3.2.1 update: *

Vendor	Kde (`d8ba08cf-7ec1-5504-a5b9-f8cfa50ca850`)
Product	Kde (`a408b698-7d8a-5093-91eb-ad30be28638d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-4514`	vulnerable	2026-06-03 14:32:19.310647	Details available rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part." Published: 2012-11-11T11:00:00.000Z Updated: 2024-08-06T20:35:09.931Z Open on db.gcve.eu Reference links https://bugs.kde.org/show_bug.cgi?id=271528 http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=65464349951e0df9b5d80c2eb3cc7458d54923ae http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc http://www.openwall.com/lists/oss-security/2012/10/11/11 http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-0104`	vulnerable	2026-06-03 14:27:55.986924	Details available The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. Published: 2007-01-09T00:00:00.000Z Updated: 2024-08-07T12:03:37.070Z Open on db.gcve.eu Reference links http://secunia.com/advisories/23815 http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:021	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-2449`	vulnerable	2026-06-03 14:27:32.245254	Details available KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. Published: 2006-06-15T10:00:00.000Z Updated: 2024-08-07T17:51:04.699Z Open on db.gcve.eu Reference links http://secunia.com/advisories/21662 http://secunia.com/advisories/20890 http://secunia.com/advisories/20674 http://www.osvdb.org/26511 http://secunia.com/advisories/20702	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-0019`	vulnerable	2026-06-03 14:27:14.951320	Details available Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI. Published: 2006-01-20T21:00:00.000Z Updated: 2024-08-07T16:18:20.752Z Open on db.gcve.eu Reference links https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11858 http://secunia.com/advisories/18500 http://secunia.com/advisories/18552 https://exchange.xforce.ibmcloud.com/vulnerabilities/24242 http://securityreason.com/securityalert/364	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2494`	vulnerable	2026-06-03 14:27:02.221873	Details available kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files. Published: 2005-09-06T04:00:00.000Z Updated: 2024-08-07T22:30:00.960Z Open on db.gcve.eu Reference links http://www.mandriva.com/security/advisories?name=MDKSA-2005:160 http://marc.info/?l=bugtraq&m=112603999215453&w=2 http://secunia.com/advisories/16692 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388 http://www.ubuntu.com/usn/usn-176-1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2101`	vulnerable	2026-06-03 14:27:01.112894	Details available langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files. Published: 2005-08-17T04:00:00.000Z Updated: 2024-08-07T22:15:37.383Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/14561 http://www.kde.org/info/security/advisory-20050815-1.txt http://www.debian.org/security/2005/dsa-818 http://secunia.com/advisories/16428 http://www.mandriva.com/security/advisories?name=MDKSA-2005:159	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0754`	vulnerable	2026-06-03 14:26:51.487235	Details available Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. Published: 2005-04-24T04:00:00.000Z Updated: 2024-08-07T21:28:27.162Z Open on db.gcve.eu Reference links http://www.kde.org/info/security/advisory-20050420-1.txt http://marc.info/?l=bugtraq&m=111419664411051&w=2 http://secunia.com/advisories/15060 http://www.securityfocus.com/bid/13313 ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0237`	vulnerable	2026-06-03 14:26:49.868835	Details available The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. Published: 2005-02-07T05:00:00.000Z Updated: 2024-08-07T21:05:25.300Z Open on db.gcve.eu Reference links http://www.shmoo.com/idn/homograph.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/19236 http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html http://www.kde.org/info/security/advisory-20050316-2.txt http://www.shmoo.com/idn	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0206`	vulnerable	2026-06-03 14:26:49.653983	Details available The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. Published: 2005-02-15T05:00:00.000Z Updated: 2024-08-07T21:05:25.397Z Open on db.gcve.eu Reference links https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107 http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 http://www.securityfocus.com/bid/11501 http://www.redhat.com/support/errata/RHSA-2005-034.html http://www.mandriva.com/security/advisories?name=MDKSA-2005:056	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1171`	vulnerable	2026-06-03 14:26:38.742087	Details available KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares. Published: 2004-12-10T05:00:00.000Z Updated: 2024-08-08T00:39:00.912Z Open on db.gcve.eu Reference links http://secunia.com/advisories/13486 http://www.kb.cert.org/vuls/id/305294 http://www.securityfocus.com/bid/11866 http://securitytracker.com/id?1012471 http://www.ciac.org/ciac/bulletins/p-051.shtml	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0889`	vulnerable	2026-06-03 14:26:37.357663	Details available Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. Published: 2004-10-26T04:00:00.000Z Updated: 2024-08-08T00:31:48.137Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/11501 http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/17819	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0888`	vulnerable	2026-06-03 14:26:37.355313	Details available Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. Published: 2004-10-26T04:00:00.000Z Updated: 2024-08-08T00:31:47.615Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2004-592.html http://www.securityfocus.com/bid/11501 http://www.redhat.com/support/errata/RHSA-2005-066.html https://www.ubuntu.com/usn/usn-9-1/ http://www.mandriva.com/security/advisories?name=MDKSA-2004:113	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0886`	vulnerable	2026-06-03 14:26:37.312274	Details available Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. Published: 2004-10-26T04:00:00.000Z Updated: 2024-08-08T00:31:47.875Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2004-577.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:109 http://www.redhat.com/support/errata/RHSA-2005-021.html http://www.ciac.org/ciac/bulletins/p-015.shtml http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0803`	vulnerable	2026-06-03 14:26:36.962872	Details available Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. Published: 2004-10-26T04:00:00.000Z Updated: 2024-08-08T00:31:47.951Z Open on db.gcve.eu Reference links http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml http://www.redhat.com/support/errata/RHSA-2004-577.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:109 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114 http://www.redhat.com/support/errata/RHSA-2005-021.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0690`	vulnerable	2026-06-03 14:26:36.513576	Details available The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory. Published: 2004-09-14T04:00:00.000Z Updated: 2024-08-08T00:24:27.164Z Open on db.gcve.eu Reference links http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 https://exchange.xforce.ibmcloud.com/vulnerabilities/16962 http://secunia.com/advisories/12276 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386 http://www.mandriva.com/security/advisories?name=MDKSA-2004:086	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.