GCVE - cpe:2.3:a:kde:kde_sc:4.4.4:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kde:kde_sc:4.4.4:*:*:*:*:*:*:*

part: a version: 4.4.4 update: *

Vendor	Kde (`d8ba08cf-7ec1-5504-a5b9-f8cfa50ca850`)
Product	Kde Sc (`a5926000-7aa3-515f-acdf-69ed3f941c05`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-1586`	vulnerable	2026-06-03 14:31:02.786304	Details available Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000. Published: 2011-04-27T00:00:00.000Z Updated: 2024-08-06T22:28:42.059Z Open on db.gcve.eu Reference links https://launchpad.net/bugs/757526 http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468&r2=1227467&pathrev=1227468 http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471&r2=1227470&pathrev=1227471 http://secunia.com/advisories/44124 http://openwall.com/lists/oss-security/2011/04/15/9	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-1168`	vulnerable	2026-06-03 14:30:59.122048	Details available Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site. Published: 2011-04-18T18:00:00.000Z Updated: 2024-08-06T22:14:27.829Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2011/0990 http://www.mandriva.com/security/advisories?name=MDVSA-2011:075 http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://www.securityfocus.com/archive/1/517433/100/0/threaded http://secunia.com/advisories/44108	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-2575`	vulnerable	2026-06-03 14:30:26.153082	Details available Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file. Published: 2010-08-30T20:00:00.000Z Updated: 2024-08-07T02:39:37.989Z Open on db.gcve.eu Reference links http://www.ubuntu.com/usn/USN-979-1 http://www.vupen.com/english/advisories/2010/2178 http://www.vupen.com/english/advisories/2010/2202 http://www.vupen.com/english/advisories/2010/2219 http://secunia.com/advisories/41132	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.