CVE-2005-1920

Sažetak

The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.

Reference

http://marc.info/?l=bugtraq&m=112171434023679&w=2
http://secunia.com/advisories/16099
http://secunia.com/advisories/23099
http://security.gentoo.org/glsa/glsa-200611-21.xml
http://securitytracker.com/id?1014512
http://www.debian.org/security/2005/dsa-804
http://www.kde.org/info/security/advisory-20050718-1.txt
http://www.novell.com/linux/security/advisories/2005_18_sr.html
http://www.redhat.com/support/errata/RHSA-2005-612.html
http://www.securityfocus.com/archive/1/427976/100/0/threaded
http://www.securityfocus.com/bid/14297
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

25-01-2024 - 21:11

Objavljeno

26-07-2005 - 04:00