Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-1920

The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.

Published

2005-07-26T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-281

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	kde	kde	≤ 3.4.0	Yes
Operating System	debian	debian_linux	3.1	Yes

References

http://marc.info/?l=bugtraq&m=112171434023679&w=2 Mailing List ([email protected])
http://secunia.com/advisories/16099 Broken Link ([email protected])
http://secunia.com/advisories/23099 Broken Link ([email protected])
http://security.gentoo.org/glsa/glsa-200611-21.xml Third Party Advisory ([email protected])
http://securitytracker.com/id?1014512 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.debian.org/security/2005/dsa-804 Third Party Advisory ([email protected])
http://www.kde.org/info/security/advisory-20050718-1.txt Patch, Vendor Advisory ([email protected])
http://www.novell.com/linux/security/advisories/2005_18_sr.html Broken Link ([email protected])
http://www.redhat.com/support/errata/RHSA-2005-612.html Broken Link ([email protected])
http://www.securityfocus.com/archive/1/427976/100/0/threaded Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/bid/14297 Broken Link, Third Party Advisory, VDB Entry ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434 Broken Link ([email protected])
http://marc.info/?l=bugtraq&m=112171434023679&w=2 Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/16099 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23099 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200611-21.xml Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1014512 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2005/dsa-804 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.kde.org/info/security/advisory-20050718-1.txt Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2005_18_sr.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2005-612.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/427976/100/0/threaded Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/14297 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434 Broken Link (af854a3a-2127-422b-91ae-364da2661108)