Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2003-003: arts

Vulnerability Assessment Details

RHSA-2003-003: arts

Vulnerability Assessment Summary
Check for the version of the arts packages

Detailed Explanation for this Vulnerability Assessment

A security issue has been found in KDE. This errata provides updates which
resolve these issues.

KDE is a graphical desktop environment for the X Window System.

KDE fails in multiple places to properly quote URLs and filenames
before passing them to a command shell. This could permit remote
attackers to execute arbitrary commands through carefully crafted URLs,
filenames, or email addresses.

Users of KDE are advised to install the updated packages which contain
backported patches to correct this issue.

Please note that for the Itanium (IA64) architecture only, this update also
fixes several other vulnerabilities. Details concerning these
vulnerabilities can be found in advisory RHSA-2002:221 and correspond to
CVE names CVE-2002-0970, CVE-2002-1151, CVE-2002-1247, and CVE-2002-1306.

Solution : http://rhn.redhat.com/errata/RHSA-2003-003.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors