PT-2002-1056 · Kde+3 · Kdelibs+22
Published: 2002-10-28 · Updated: 2008-09-05 · CVE-2002-1223
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
kde-i18n-Catalan version 3.0.3
kde-i18n-Czech version 3.0.3
kde-i18n-Danish version 3.0.3
kde-i18n-British version 3.0.3
kde-i18n-Brazil version 3.0.3
kde-i18n-Afrikaans version 3.0.3
kde-i18n-Chinese version 3.0.3
kde-i18n-Chinese-Big5 version 3.0.3
qt version 3.0.5
kcharselect version 3.0.3
kamera version 3.0.3
kaboodle version 3.0.3
kdenetwork version 2.2.2
kdenetwork version 3.0.3
kdenetwork-ppp version 2.2.2
kdegraphics version 2.2.2
kdegraphics version 3.0.3
kdegraphics-devel version 2.2.2
kdelibs version 2.2.2
kdelibs version 3.0.3
kdelibs-devel version 2.2.2
kdelibs-sound version 2.2.2
kdelibs-sound-devel version 2.2.2
kdeartwork version 3.0.3
kdepim version 3.0.3
kdeutils version 3.0.3
kcoloredit version 3.0.3
kdemultimedia version 3.0.3
kdeadmin version 3.0.3
kdevelop version 2.1.3
kdesdk version 3.0.3
kdeaddons version 3.0.3
kdebindings version 3.0.3
karm version 3.0.3
kdebase version 3.0.3
Description
The issue affects various packages of the Red Hat Linux operating system, including kde-i18n, qt, kcharselect, kamera, kaboodle, kdenetwork, kdegraphics, kdelibs, kdeartwork, kdepim, kdeutils, kcoloredit, kdemultimedia, kdeadmin, kdevelop, kdesdk, kdeaddons, kdebindings, and karm. Exploitation of these vulnerabilities may lead to a disruption of confidentiality, integrity, and availability of protected information. The vulnerabilities can be exploited remotely. A buffer overflow in the DSC 3.0 parser from GSview, used in KGhostView in KDE, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps input file.
Recommendations
As a temporary workaround, consider disabling the vulnerable components until a patch is available.
For qt version 3.0.5, restrict access to the qt module to minimize the risk of exploitation.
For kcharselect version 3.0.3, avoid using the kcharselect module until the issue is resolved.
For kamera version 3.0.3, restrict access to the kamera module to minimize the risk of exploitation.
For kaboodle version 3.0.3, avoid using the kaboodle module until the issue is resolved.
For kdenetwork version 2.2.2 and 3.0.3, restrict access to the kdenetwork module to minimize the risk of exploitation.
For kdegraphics version 2.2.2 and 3.0.3, avoid using the kdegraphics module until the issue is resolved.
For kdelibs version 2.2.2 and 3.0.3, restrict access to the kdelibs module to minimize the risk of exploitation.
For kdeartwork version 3.0.3, avoid using the kdeartwork module until the issue is resolved.
For kdepim version 3.0.3, restrict access to the kdepim module to minimize the risk of exploitation.
For kdeutils version 3.0.3, avoid using the kdeutils module until the issue is resolved.
For kcoloredit version 3.0.3, restrict access to the kcoloredit module to minimize the risk of exploitation.
For kdemultimedia version 3.0.3, avoid using the kdemultimedia module until the issue is resolved.
For kdeadmin version 3.0.3, restrict access to the kdeadmin module to minimize the risk of exploitation.
For kdevelop version 2.1.3, avoid using the kdevelop module until the issue is resolved.
For kdesdk version 3.0.3, restrict access to the kdesdk module to minimize the risk of exploitation.
For kdeaddons version 3.0.3, avoid using the kdeaddons module until the issue is resolved.
For kdebindings version 3.0.3, restrict access to the kdebindings module to minimize the risk of exploitation.
For karm version 3.0.3, avoid using the karm module until the issue is resolved.
For kdebase version 3.0.3, restrict access to the kdebase module to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Gsview
Kghostview
Red Hat
Kaboodle
Kamera
Karm
Kcharselect
Kcoloredit
Kde-I18N
Kdeaddons
Kdeadmin
Kdeartwork
Kdebase
Kdebindings
Kdegraphics
Kdelibs
Kdemultimedia
Kdenetwork
Kdepim
Kdesdk
Kdeutils
Kdevelop
Qt