FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-11 14:10:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
3987c5d1-47a9-11df-a0d5-0016d32f24fb	KDM -- local privilege escalation vulnerability KDE Security Advisory reports: KDM contains a race condition that allows local attackers to make arbitrary files on the system world-writeable. This can happen while KDM tries to create its control socket during user login. A local attacker with a valid local account can under certain circumstances make use of this vulnerability to execute arbitrary code as root. Discovery 2010-04-13 Entry 2010-04-14 Modified 2010-04-14 kdebase <= 3.5.10_6 kdebase-workspace <= 4.3.5_1 CVE-2010-0436 http://www.kde.org/info/security/advisory-20100413-1.txt
14ad2a28-66d2-11dc-b25f-02e0185f8d72	konquerer -- address bar spoofing The KDE development team reports: The Konqueror address bar is vulnerable to spoofing attacks that are based on embedding white spaces in the url. In addition the address bar could be tricked to show an URL which it is intending to visit for a short amount of time instead of the current URL. Discovery 2007-09-14 Entry 2007-09-19 kdebase < 3.5.7_3 kdelibs < 3.5.7_2 CVE-2007-3820 CVE-2007-4224 CVE-2007-4225 http://www.kde.org/info/security/advisory-20070914-1.txt

VuXML ID

Description

3987c5d1-47a9-11df-a0d5-0016d32f24fb

KDM -- local privilege escalation vulnerability

KDE Security Advisory reports:

KDM contains a race condition that allows local attackers to make arbitrary files on the system world-writeable. This can happen while KDM tries to create its control socket during user login. A local attacker with a valid local account can under certain circumstances make use of this vulnerability to execute arbitrary code as root.

Discovery 2010-04-13
Entry 2010-04-14
Modified 2010-04-14
kdebase

<= 3.5.10_6

kdebase-workspace

<= 4.3.5_1

CVE-2010-0436
http://www.kde.org/info/security/advisory-20100413-1.txt

14ad2a28-66d2-11dc-b25f-02e0185f8d72

konquerer -- address bar spoofing

The KDE development team reports:

The Konqueror address bar is vulnerable to spoofing attacks that are based on embedding white spaces in the url. In addition the address bar could be tricked to show an URL which it is intending to visit for a short amount of time instead of the current URL.

Discovery 2007-09-14
Entry 2007-09-19
kdebase

< 3.5.7_3

kdelibs

< 3.5.7_2

CVE-2007-3820
CVE-2007-4224
CVE-2007-4225
http://www.kde.org/info/security/advisory-20070914-1.txt