Bug 48730 (CVE-2003-0988) - VUL-0: CVE-2003-0988: buffer overflow in kfile-plugin from kdepim
Summary: VUL-0: CVE-2003-0988: buffer overflow in kfile-plugin from kdepim
Status: RESOLVED FIXED
Alias: CVE-2003-0988
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: All Linux
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Thomas Biege
QA Contact: Security Team bot
URL:
Whiteboard: CVE-2003-0988: CVSS v2 Base Score: 7....
Keywords:
Depends on:
Blocks:
 
Reported: 2003-12-18 20:16 UTC by Adrian Schröter
Modified: 2021-10-02 08:56 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Adrian Schröter 2003-12-18 20:16:44 UTC 
code can be execute when kdepim3 is installed and konqueror or the KDE file
dialog shows a prepared vcard file.

Hits KDE 3.1 only (SuSE 8.2 and 9.0 and SLD)
Comment 1 Adrian Schröter 2003-12-18 22:08:11 UTC 
packages are checked in and patchinfos are created.
Comment 2 Thomas Biege 2003-12-19 18:16:13 UTC 
Chris Schlaeger agreed to bypass QA-Testing. 
Asked Dirk Mueller about a release date.
Comment 3 Thomas Biege 2004-01-02 18:38:17 UTC 
12.01.2004, coordinated release date
Comment 4 Thomas Biege 2004-01-05 16:39:02 UTC 
14.01.2003, new release date
Comment 5 Thomas Biege 2004-01-14 17:01:43 UTC 
packages approved
Comment 6 Marcus Meissner 2007-11-30 10:56:23 UTC 
CVE-2003-0988
Comment 7 Thomas Biege 2009-10-13 19:43:09 UTC 
CVE-2003-0988: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)