PT-2005-2875 · Kde+1 · Kwrite+3

Dirk Mueller

Publicado

2005-07-26

Atualizado

2024-01-25

CVE-2005-1920

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions KDE versions 3.2.x through 3.4.0

Description The issue affects the Kate and Kwrite applications, where they do not properly set the same permissions on the backup file as were set on the original file. This could allow local users and possibly remote attackers to obtain sensitive information.

Recommendations For KDE versions 3.2.x through 3.4.0, consider updating the permissions handling in the Kate and Kwrite applications to match the original file's permissions for backup files, or apply a configuration change to restrict access to sensitive information until a proper fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Preservation of Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-281

Identificadores relacionados

CVE-2005-1920

DSA-804-2

RHSA-2005:612

RHSA-2005_612

Produtos afetados

Kde

Kate

Kwrite

Red Hat

PT-2005-2875 · Kde+1 · Kwrite+3

CVE-2005-1920

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 15