Bug 48730 (CVE-2003-0988)

Summary: VUL-0: CVE-2003-0988: buffer overflow in kfile-plugin from kdepim
Product: [Novell Products] SUSE Security Incidents Reporter: Adrian Schröter <adrian.schroeter>
Component: IncidentsAssignee: Thomas Biege <thomas>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: CVE-2003-0988: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Adrian Schröter 2003-12-18 20:16:44 UTC 
code can be execute when kdepim3 is installed and konqueror or the KDE file
dialog shows a prepared vcard file.

Hits KDE 3.1 only (SuSE 8.2 and 9.0 and SLD)
Comment 1 Adrian Schröter 2003-12-18 22:08:11 UTC 
packages are checked in and patchinfos are created.
Comment 2 Thomas Biege 2003-12-19 18:16:13 UTC 
Chris Schlaeger agreed to bypass QA-Testing. 
Asked Dirk Mueller about a release date.
Comment 3 Thomas Biege 2004-01-02 18:38:17 UTC 
12.01.2004, coordinated release date
Comment 4 Thomas Biege 2004-01-05 16:39:02 UTC 
14.01.2003, new release date
Comment 5 Thomas Biege 2004-01-14 17:01:43 UTC 
packages approved
Comment 6 Marcus Meissner 2007-11-30 10:56:23 UTC 
CVE-2003-0988
Comment 7 Thomas Biege 2009-10-13 19:43:09 UTC 
CVE-2003-0988: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)