CVE-2005-2101

langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/16428
http://securitytracker.com/id?1014675
http://www.debian.org/security/2005/dsa-818
http://www.kde.org/info/security/advisory-20050815-1.txt	Patch Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:159
http://www.securityfocus.com/bid/14561

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:kde:kde:3.0:::::::*
	cpe:2.3:o:kde:kde:3.0.1:::::::*
	cpe:2.3:o:kde:kde:3.0.2:::::::*
	cpe:2.3:o:kde:kde:3.0.3:::::::*
	cpe:2.3:o:kde:kde:3.0.4:::::::*
	cpe:2.3:o:kde:kde:3.0.5:::::::*
	cpe:2.3:o:kde:kde:3.0.5a:::::::*
	cpe:2.3:o:kde:kde:3.1:::::::*
	cpe:2.3:o:kde:kde:3.1.1:::::::*
	cpe:2.3:o:kde:kde:3.1.2:::::::*
	cpe:2.3:o:kde:kde:3.1.3:::::::*
	cpe:2.3:o:kde:kde:3.1.4:::::::*
	cpe:2.3:o:kde:kde:3.1.5:::::::*
	cpe:2.3:o:kde:kde:3.1_alpha1:::::::*
	cpe:2.3:o:kde:kde:3.1_beta1:::::::*
	cpe:2.3:o:kde:kde:3.1_beta2:::::::*
	cpe:2.3:o:kde:kde:3.2:::::::*
	cpe:2.3:o:kde:kde:3.2.0_beta1:::::::*
	cpe:2.3:o:kde:kde:3.2.1:::::::*
	cpe:2.3:o:kde:kde:3.2.2:::::::*
	cpe:2.3:o:kde:kde:3.2.3:::::::*
	cpe:2.3:o:kde:kde:3.3:::::::*
	cpe:2.3:o:kde:kde:3.3.1:::::::*
	cpe:2.3:o:kde:kde:3.3.2:::::::*
	cpe:2.3:o:kde:kde:3.4:::::::*
	cpe:2.3:o:kde:kde:3.4.1:::::::*
	cpe:2.3:o:kde:kde:3.4.2:::::::*

History

No history.

Information

Published : 2005-08-17 04:00

Updated : 2008-09-05 20:50

NVD link : CVE-2005-2101

Mitre link : CVE-2005-2101

CVE.ORG link : CVE-2005-2101

JSON object : View

Products Affected

kde

kde

CWE

NVD-CWE-Other

{"id": "CVE-2005-2101", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-08-17T04:00:00.000", "references": [{"url": "http://secunia.com/advisories/16428", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1014675", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2005/dsa-818", "source": "secalert@redhat.com"}, {"url": "http://www.kde.org/info/security/advisory-20050815-1.txt", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:159", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/14561", "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files."}], "lastModified": "2008-09-05T20:50:53.600", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C"}, {"criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227"}, {"criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73"}, {"criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285"}, {"criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B"}, {"criteria": "cpe:2.3:o:kde:kde:3.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E268EFFF-6B28-4C64-B052-AFA3BB1E709F"}, {"criteria": "cpe:2.3:o:kde:kde:3.0.5a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF9B6CD2-7343-4D68-BEC6-A7BB0E0F0962"}, {"criteria": "cpe:2.3:o:kde:kde:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F98A556-D640-40F1-92C2-FC262F50F5C8"}, {"criteria": "cpe:2.3:o:kde:kde:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7E2C256-8E9F-4D12-ABF4-FECE06B52CAA"}, {"criteria": "cpe:2.3:o:kde:kde:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33AF934D-B51B-4A81-BC47-FFEAB9A62C30"}, {"criteria": "cpe:2.3:o:kde:kde:3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A3096F2-B0F1-45E1-806D-6434DE56619A"}, {"criteria": "cpe:2.3:o:kde:kde:3.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA5560AA-372B-4462-AFF8-8F27A980E507"}, {"criteria": "cpe:2.3:o:kde:kde:3.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4904CFFD-4CE1-4D65-A7BA-9B06E5B35D07"}, {"criteria": "cpe:2.3:o:kde:kde:3.1_alpha1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "296D60E4-859E-458A-BDDA-A6265C020F91"}, {"criteria": "cpe:2.3:o:kde:kde:3.1_beta1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F6AD786-E68C-4952-90D4-3712560FAB2B"}, {"criteria": "cpe:2.3:o:kde:kde:3.1_beta2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8F628A0-E6F0-4843-9897-1B389853709B"}, {"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD"}, {"criteria": "cpe:2.3:o:kde:kde:3.2.0_beta1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "666F5ADD-94D8-42C9-8A38-5D2F10CB213E"}, {"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132"}, {"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060"}, {"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16"}, {"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B"}, {"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1"}, {"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1"}, {"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232"}, {"criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675"}, {"criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}