Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0459 | 2 Kde, Redhat | 8 Konqueror, Konqueror Embedded, Analog Real-time Synthesizer and 5 more | 2017-10-10 | 5.0 MEDIUM | N/A |
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites. | |||||
CVE-2003-0547 | 2 Gnome, Redhat | 2 Gdm, Kdebase | 2017-10-10 | 2.1 LOW | N/A |
GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file. | |||||
CVE-2003-0548 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2017-10-10 | 5.0 MEDIUM | N/A |
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | |||||
CVE-2003-0549 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2017-10-10 | 5.0 MEDIUM | N/A |
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name. |