First published: Tue Apr 15 2003(Updated: )
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
KDE KDE | =2.2.1 | |
KDE KDE | =2.1.2 | |
KDE KDE | =2.0 | |
KDE KDE | =3.0.2 | |
KDE KDE | =3.0.5 | |
KDE KDE | =2.2 | |
KDE KDE | =2.0.1 | |
KDE KDE | =2.1 | |
KDE KDE | =3.0.1 | |
KDE KDE | =2.2.2 | |
KDE KDE | =3.0 | |
KDE KDE | =3.1 | |
KDE KDE | =3.1.1 | |
KDE KDE | =2.1.1 | |
KDE KDE | =3.0.3 | |
KDE KDE | =3.0.3a | |
KDE KDE | =3.0.4 | |
KDE KDE | =3.0.5a |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2003-0204 is considered a moderate severity vulnerability due to its capability to execute arbitrary commands.
To fix CVE-2003-0204, upgrade to a version of KDE that includes the necessary -dPARANOIDSAFER and -dSAFER arguments in the Ghostscript viewer settings.
CVE-2003-0204 affects KDE versions from 2.0 to 3.1.1, including multiple specific sub-versions.
CVE-2003-0204 can be exploited via specially crafted PostScript (PS) or PDF files.
Yes, CVE-2003-0204 could be exploited remotely if a user opens a malicious PS or PDF file.