Name | CVE-2002-1393 |
Description | Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DSA-234, DSA-235, DSA-236, DSA-237, DSA-238, DSA-239, DSA-240, DSA-241, DSA-242, DSA-243 |
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|---|---|---|
kdepim (PTS) | jessie, jessie (lts) | 4:4.14.1-1+deb8u2 | fixed |
stretch | 4:16.04.3-4~deb9u1 | fixed |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
kdeadmin | source | woody | 2.2.2-7.2 | DSA-234 | ||
kdeadmin | source | (unstable) | 4:3.0.5a | |||
kdebase | source | woody | 2.2.2-14.2 | DSA-242 | ||
kdebase | source | (unstable) | 4:3.0.5a | |||
kdegames | source | woody | 2.2.2-2.2 | DSA-240 | ||
kdegames | source | (unstable) | 4:3.0.5a | |||
kdegraphics | source | woody | 2.2.2-6.10 | DSA-235 | ||
kdegraphics | source | (unstable) | 4:3.0.5a | |||
kdelibs | source | woody | 2.2.2-13.woody.6 | DSA-236 | ||
kdelibs | source | (unstable) | 4:3.0.5a | |||
kdemultimedia | source | woody | 2.2.2-8.2 | DSA-243 | ||
kdemultimedia | source | (unstable) | 4:3.0.5a | |||
kdenetwork | source | woody | 2.2.2-14.6 | DSA-237 | ||
kdenetwork | source | (unstable) | 4:3.0.5a | |||
kdepim | source | woody | 2.2.2-5.2 | DSA-238 | ||
kdepim | source | (unstable) | 4:3.0.5a | |||
kdesdk | source | woody | 2.2.2-3.2 | DSA-239 | ||
kdesdk | source | (unstable) | 4:3.0.5a | |||
kdeutils | source | woody | 2.2.2-9.2 | DSA-241 | ||
kdeutils | source | (unstable) | 4:3.0.5a |