1. CVE-Search
  2. CVE-2002-1306
ID CVE-2002-1306
Summary Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL.
References
Vulnerable Configurations
  • cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 18-10-2016 - 02:25)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
rhsa
id RHSA-2002:220
refmap via4
bugtraq
  • 20021112 KDE Security Advisory: resLISa / LISa Vulnerabilities
  • 20021114 GLSA: kdelibs
ciac N-020
confirm http://www.kde.org/info/security/advisory-20021111-2.txt
debian DSA-214
mandrake MDKSA-2002:080
suse SuSE-SA:2002:042
xf
  • kde-kdenetwork-lan-bo(10598)
  • kde-kdenetwork-lisa-bo(10597)
Last major update 18-10-2016 - 02:25
Published 29-11-2002 - 05:00
Last modified 18-10-2016 - 02:25
Back to Top