CVE-2005-0754

NONE EPSS 85.6%
Published Apr 22, 200521y ago · Modified Jun 16, 20262w ago
Find Similar
Published Apr 22, 2005 21y ago
Last Modified Jun 16, 2026 2w ago

Description

Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.

Threat Intelligence

EPSS Exploit Probability
85.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 18

VendorProductVersionRange
kdequanta3.1any
conectivalinux9.0any
conectivalinux10.0any
gentoolinux*any
kdekde3.2any
kdekde3.2.1any
kdekde3.2.2any
kdekde3.2.3any
kdekde3.3any
kdekde3.3.1any
kdekde3.3.2any
kdekde3.4any
redhatfedora_corecore_3.0any
ubuntuubuntu_linux4.1any
ubuntuubuntu_linux4.1any
ubuntuubuntu_linux5.04any
ubuntuubuntu_linux5.04any
ubuntuubuntu_linux5.04any

References 5

  • ftp.kde.org ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff
    Vendor Advisory
  • marc.info http://marc.info/?l=bugtraq&m=111419664411051&w=2
  • secunia.com http://secunia.com/advisories/15060
    PatchVendor Advisory
  • kde.org http://www.kde.org/info/security/advisory-20050420-1.txt
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/13313
    PatchVendor Advisory

Remediation

  • secunia.com http://secunia.com/advisories/15060
    PatchVendor Advisory
  • kde.org http://www.kde.org/info/security/advisory-20050420-1.txt
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/13313
    PatchVendor Advisory