CVE Vulnerabilities

CVE-2002-1393

Published: Jan 17, 2003 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.

Affected Software

Name Vendor Start Version End Version
Kde Kde 2.2.1 2.2.1
Kde Kde 2.1.2 2.1.2
Kde Kde 2.0 2.0
Kde Kde 3.0.2 3.0.2
Kde Kde 3.0.5 3.0.5
Kde Kde 2.2 2.2
Kde Kde 2.0.1 2.0.1
Kde Kde 2.1 2.1
Kde Kde 3.0.1 3.0.1
Kde Kde 3.0.4 3.0.4
Kde Kde 3.0 3.0
Kde Kde 2.1.1 2.1.1
Kde Kde 2.2.2 2.2.2
Kde Kde 3.0.3 3.0.3
Kde Kde 3.0.3a 3.0.3a

References