KDE个人信息管理套件VCF文件远程缓冲区溢出漏洞

漏洞ID	1202065	漏洞类型	边界条件错误
发布时间	2004-01-14	更新时间	2009-07-12
CVE编号	CVE-2003-0988	CNNVD-ID	CNNVD-200402-052
漏洞平台	N/A	CVSS评分	7.5

|漏洞来源

https://www.securityfocus.com/bid/9419
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200402-052

|漏洞详情

KDE是一款免费开放源代码X桌面管理程序，KDE个人信息管理程序(kdepim)套件帮助用户管理EMAIL，任务和联系人等信息。kdepim程序在处理VCF文件信息头时存在缓冲区溢出，远程攻击者可以利用这个漏洞构建恶意VCF文件，诱使用户打开而可能以进程权限执行任意指令。目前没有详细漏洞细节提供。

|受影响的产品

Slackware Linux 9.1 Slackware Linux 9.0 Slackware Linux -current Redhat kdepim-devel-3.1-5.i386.rpm Redhat kdepim-3.1-5.i386.rpm Redhat Fedora Core1 Ma

|参考资料

resource:
hyperlink:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000810
resource:
hyperlink:http://marc.info/?l=bugtraq&m=107412130407906&w=2
resource:
hyperlink:http://security.gentoo.org/glsa/glsa-200404-02.xml
resource:US Government Resource
hyperlink:http://www.kb.cert.org/vuls/id/820798
resource:Patch
hyperlink:http://www.kde.org/info/security/advisory-20040114-1.txt
resource:
hyperlink:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003
resource:Patch
hyperlink:http://www.redhat.com/support/errata/RHSA-2004-005.html
resource:
hyperlink:http://www.redhat.com/support/errata/RHSA-2004-006.html
resource:Patch
hyperlink:http://www.securityfocus.com/bid/9419
resource:
hyperlink:https://exchange.xforce.ibmcloud.com/vulnerabilities/14833
resource:
hyperlink:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A858
resource:
hyperlink:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A865

KDE个人信息管理套件VCF文件远程缓冲区溢出漏洞

|漏洞来源

|漏洞详情

|受影响的产品

|参考资料

检索漏洞

相关漏洞