Vulnerability Description
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kde | Kde | 3.1.0 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000810
- http://marc.info/?l=bugtraq&m=107412130407906&w=2
- http://security.gentoo.org/glsa/glsa-200404-02.xml
- http://www.kb.cert.org/vuls/id/820798US Government Resource
- http://www.kde.org/info/security/advisory-20040114-1.txtPatchVendor Advisory
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003
- http://www.redhat.com/support/errata/RHSA-2004-005.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2004-006.html
- http://www.securityfocus.com/bid/9419PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14833
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000810
- http://marc.info/?l=bugtraq&m=107412130407906&w=2
- http://security.gentoo.org/glsa/glsa-200404-02.xml
FAQ
What is CVE-2003-0988?
CVE-2003-0988 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
How severe is CVE-2003-0988?
CVE-2003-0988 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0988?
Check the references section above for vendor advisories and patch information. Affected products include: Kde Kde.