PT-2014-1820 · Kde+6 · Kdenetwork-Devel+19
Nicolas Ruff · Published 2014-09-24 · Updated 2020-10-23
CVE-2014-6054
CVSS v2.0: 6.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
kdenetwork-kopete-devel version 4.10.5
kdenetwork-krdc version 4.10.5
kdenetwork-kopete version 4.10.5
kdenetwork-kget-libs version 4.10.5
kdenetwork-krfb-libs version 4.10.5
kdenetwork-kdnssd version 4.10.5
kdenetwork-common version 4.10.5
kdenetwork-fileshare-samba version 4.10.5
kdenetwork-devel version 4.10.5
kdenetwork-kget version 4.10.5
kdenetwork-krdc-libs version 4.10.5
kdenetwork-krdc-devel version 4.10.5
kdenetwork-krfb version 4.10.5
kdenetwork-debuginfo version 4.10.5
LibVNCServer version 0.9.9 and earlier
Description
The issue comprises multiple vulnerabilities in various packages of the kdenetwork suite, which can compromise the confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely by an authenticated attacker. Additionally, a vulnerability in the LibVNCServer library allows a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a PalmVNCSetScaleFactor or SetScale message.
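The check whose absence produces the divide-by-zero described above, as an added example that is not LibVNCServer's or KDE's own code: a scale message is validated before its factor is ever used as a divisor. The function names, error codes, the 4-byte layout (type, scale, two padding bytes) and the type values 8 and 0xF are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed wire layout (not taken from the advisory): 1-byte type,
 * 1-byte scale, 2 bytes padding. Type values are assumptions too. */
enum { MSG_SET_SCALE = 8, MSG_PALM_SET_SCALE_FACTOR = 0xF, SCALE_MSG_LEN = 4 };
enum { ERR_SHORT = -1, ERR_TYPE = -2, ERR_ZERO_SCALE = -3, ERR_RANGE = -4 };

/* Return the scale factor (1..255) or a negative error code. */
int parse_set_scale(const uint8_t *msg, size_t len)
{
    if (msg == NULL || len < SCALE_MSG_LEN)
        return ERR_SHORT;
    if (msg[0] != MSG_SET_SCALE && msg[0] != MSG_PALM_SET_SCALE_FACTOR)
        return ERR_TYPE;
    if (msg[1] == 0)            /* zero factor: reject instead of dividing */
        return ERR_ZERO_SCALE;
    return msg[1];
}

/* Scaled dimension, rounded up so the result is never 0 pixels.
 * Refuses to divide unless both inputs are positive. */
int scale_dimension(int full, int scale)
{
    if (full <= 0 || scale <= 0)
        return ERR_RANGE;
    return (full + scale - 1) / scale;
}

int main(void)
{
    /* Constructed sample messages, not captured traffic. */
    const uint8_t samples[][SCALE_MSG_LEN] = {
        {MSG_SET_SCALE, 2, 0, 0},
        {MSG_PALM_SET_SCALE_FACTOR, 0, 0, 0},
        {MSG_SET_SCALE, 0, 0, 0},
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int scale = parse_set_scale(samples[i], SCALE_MSG_LEN);
        if (scale < 0)
            printf("msg %zu: rejected (%d)\n", i, scale);
        else
            printf("msg %zu: 1920x1080 -> %dx%d\n", i,
                   scale_dimension(1920, scale), scale_dimension(1080, scale));
    }
    return 0;
}
```

Checking the factor both at parse time and at the point of division means that a code path which skips the parser still cannot reach the divide with a zero divisor.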
Recommendations
For kdenetwork-kopete-devel version 4.10.5, restrict access to the vulnerable components to minimize the risk of exploitation.
For kdenetwork-krdc version 4.10.5, consider disabling the remote access functionality until a patch is available.
For kdenetwork-kopete version 4.10.5, avoid using the vulnerable features until the issue is resolved.
For kdenetwork-kget-libs version 4.10.5, restrict access to the vulnerable libraries to minimize the risk of exploitation.
For kdenetwork-krfb-libs version 4.10.5, consider disabling the vulnerable libraries until a patch is available.
For kdenetwork-kdnssd version 4.10.5, restrict access to the vulnerable components to minimize the risk of exploitation.
For kdenetwork-common version 4.10.5, avoid using the vulnerable features until the issue is resolved.
For kdenetwork-fileshare-samba version 4.10.5, restrict access to the vulnerable components to minimize the risk of exploitation.
For kdenetwork-devel version 4.10.5, consider disabling the vulnerable development tools until a patch is available.
For kdenetwork-kget version 4.10.5, restrict access to the vulnerable components to minimize the risk of exploitation.
For kdenetwork-krdc-libs version 4.10.5, avoid using the vulnerable libraries until the issue is resolved.
For kdenetwork-krdc-devel version 4.10.5, consider disabling the vulnerable development tools until a patch is available.
For kdenetwork-krfb version 4.10.5, restrict access to the vulnerable components to minimize the risk of exploitation.
For kdenetwork-debuginfo version 4.10.5, avoid using the vulnerable debugging tools until the issue is resolved.
For LibVNCServer version 0.9.9 and earlier, update to a newer version to mitigate the risk of exploitation.
Fix
DoS
Buffer Overflow
Related Identifiers
Affected Products
Alt Linux
Centos
Libvncserver
Red Hat
Suse
Ubuntu
Kdenetwork-Common
Kdenetwork-Debuginfo
Kdenetwork-Devel
Kdenetwork-Fileshare-Samba
Kdenetwork-Kdnssd
Kdenetwork-Kget
Kdenetwork-Kget-Libs
Kdenetwork-Kopete
Kdenetwork-Kopete-Devel
Kdenetwork-Krdc
Kdenetwork-Krdc-Devel
Kdenetwork-Krdc-Libs
Kdenetwork-Krfb
Kdenetwork-Krfb-Libs