CVE-2005-1920

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-1920
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://www.kde.org/info/security/advisory-20050718-1.txt Patch Vendor Advisory
http://www.debian.org/security/2005/dsa-804 Third Party Advisory
http://www.securityfocus.com/bid/14297 Broken Link Third Party Advisory VDB Entry
http://securitytracker.com/id?1014512 Broken Link Third Party Advisory VDB Entry
http://secunia.com/advisories/16099 Broken Link
http://www.redhat.com/support/errata/RHSA-2005-612.html Broken Link
http://www.novell.com/linux/security/advisories/2005_18_sr.html Broken Link
http://security.gentoo.org/glsa/glsa-200611-21.xml Third Party Advisory
http://secunia.com/advisories/23099 Broken Link
http://marc.info/?l=bugtraq&m=112171434023679&w=2 Mailing List
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434 Broken Link
http://www.securityfocus.com/archive/1/427976/100/0/threaded Broken Link Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
History

25 Jan 2024, 21:11

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-281
First Time Debian
Debian debian Linux
CPE cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*
cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*
cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*
cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*
cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*
cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*
cpe:2.3:o:kde:kde:3.4.0:*:*:*:*:*:*:*
cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*
cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*		 cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
References (SECUNIA) http://secunia.com/advisories/16099 - (SECUNIA) http://secunia.com/advisories/16099 - Broken Link
References (BID) http://www.securityfocus.com/bid/14297 - (BID) http://www.securityfocus.com/bid/14297 - Broken Link, Third Party Advisory, VDB Entry
References (BUGTRAQ) http://marc.info/?l=bugtraq&m=112171434023679&w=2 - (BUGTRAQ) http://marc.info/?l=bugtraq&m=112171434023679&w=2 - Mailing List
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-612.html - (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-612.html - Broken Link
References (SECUNIA) http://secunia.com/advisories/23099 - (SECUNIA) http://secunia.com/advisories/23099 - Broken Link
References (FEDORA) http://www.securityfocus.com/archive/1/427976/100/0/threaded - (FEDORA) http://www.securityfocus.com/archive/1/427976/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References (SUSE) http://www.novell.com/linux/security/advisories/2005_18_sr.html - (SUSE) http://www.novell.com/linux/security/advisories/2005_18_sr.html - Broken Link
References (GENTOO) http://security.gentoo.org/glsa/glsa-200611-21.xml - (GENTOO) http://security.gentoo.org/glsa/glsa-200611-21.xml - Third Party Advisory
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434 - Broken Link
References (DEBIAN) http://www.debian.org/security/2005/dsa-804 - (DEBIAN) http://www.debian.org/security/2005/dsa-804 - Third Party Advisory
References (SECTRACK) http://securitytracker.com/id?1014512 - (SECTRACK) http://securitytracker.com/id?1014512 - Broken Link, Third Party Advisory, VDB Entry
CVSS v2 : 5.0
v3 : unknown 		v2 : 5.0
v3 : 7.5
Information

Published : 2005-07-26 04:00

Updated : 2024-01-25 21:11

NVD link : CVE-2005-1920

Mitre link : CVE-2005-1920

JSON object : View

Products Affected

debian

  • debian_linux

kde

  • kde
CWE
CWE-281

Improper Preservation of Permissions