1. CVE-Search
  2. CVE-2003-0988
ID CVE-2003-0988
Summary Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
References
Vulnerable Configurations
  • cpe:2.3:o:kde:kde:3.1.0:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 10-10-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2007-04-25T19:53:02.420-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Thomas R. Jones
      organization Maitreya Security
    description Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
    family unix
    id oval:org.mitre.oval:def:858
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat kdepim VCF File Information Reader BO
    version 38
  • accepted 2007-04-25T19:53:03.917-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
    family unix
    id oval:org.mitre.oval:def:865
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat Enterprise 3 kdepim VCF File Information Reader BO
    version 37
redhat via4
advisories
  • rhsa
    id RHSA-2004:005
  • rhsa
    id RHSA-2004:006
rpms
  • kdepim-6:3.1.3-3.3
  • kdepim-debuginfo-6:3.1.3-3.3
  • kdepim-devel-6:3.1.3-3.3
refmap via4
bid 9419
bugtraq 20040114 KDE Security Advisory: VCF file information reader vulnerability
cert-vn VU#820798
conectiva CLA-2004:810
confirm http://www.kde.org/info/security/advisory-20040114-1.txt
gentoo GLSA-200404-02
mandrake MDKSA-2004:003
xf kde-kdepim-bo(14833)
Last major update 10-10-2017 - 01:30
Published 17-02-2004 - 05:00
Last modified 10-10-2017 - 01:30
Back to Top