Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the lisa daemon, and (2) remote attackers to execute arbitrary code via a certain lan:// URL.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Kde | Kde | 2.1 (including) | 2.1 (including) |
| Kde | Kde | 2.1.1 (including) | 2.1.1 (including) |
| Kde | Kde | 2.1.2 (including) | 2.1.2 (including) |
| Kde | Kde | 2.2 (including) | 2.2 (including) |
| Kde | Kde | 2.2.1 (including) | 2.2.1 (including) |
| Kde | Kde | 2.2.2 (including) | 2.2.2 (including) |
| Kde | Kde | 3.0 (including) | 3.0 (including) |
| Kde | Kde | 3.0.1 (including) | 3.0.1 (including) |
| Kde | Kde | 3.0.2 (including) | 3.0.2 (including) |
| Kde | Kde | 3.0.3 (including) | 3.0.3 (including) |
| Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
| Red Hat Linux 7.2 | RedHat | * | |
| Red Hat Linux 7.3 | RedHat | * | |
| Red Hat Linux 8.0 | RedHat | * |