VDB
CVE-2008-1671
CVE-2008-1671
PUBLISHED
CVSS 4.599999904632568 MEDIUM
start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes.
EPSS 0.13% · 32.0th percentile
Risk Scores
CVSS v2.0
4.599999904632568
EPSS Score
0.13%
32.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| kde | kde | 3.5.5, 3.5.6, 3.5.7 |
Timeline
- Apr 28, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- May 24, 2023 EPSS Score
References
- 30113 third-party-advisory
- ftp://ftp.kde.org/pub/kde/security_patches/post-kde-3.5.5-kinit.diff url
- GLSA-200804-30 vendor-advisory
- SUSE-SR:2008:011 vendor-advisory
- 1019924 vdb
- 29977 third-party-advisory
- USN-608-1 vendor-advisory
- 29951 third-party-advisory
- ADV-2008-1370 vdb
- 28938 vdb
- http://www.kde.org/info/security/advisory-20080426-2.txt url
- MDVSA-2008:097 vendor-advisory
- kde-startkdeinit-privilege-escalation(42039) vdb
- https://nvd.nist.gov/vuln/detail/CVE-2008-1671 advisory