CVE-2005-0078
First published: Mon May 02 2005(Updated: )
The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| KDE KDE | =2.2.1 | |
| KDE KDE | =3.0_beta_1 | |
| KDE KDE | =2.0 | |
| KDE KDE | =3.0.2 | |
| redhat enterprise Linux desktop | =3.0 | |
| KDE KDE | =2.2 | |
| Red Hat Enterprise Linux | =3.0 | |
| Red Hat Enterprise Linux | =2.1 | |
| KDE KDE | =2.0.1 | |
| KDE KDE | =2.2_beta1 | |
| Debian GNU/Linux | =3.0 | |
| Red Hat Enterprise Linux | =2.1 | |
| KDE KDE | =2.1 | |
| KDE KDE | =3.0.1 | |
| Red Hat Linux Advanced Workstation | =2.1 | |
| KDE KDE | =2.1_beta2 | |
| KDE KDE | =3.0_beta_2 | |
| KDE KDE | =3.0.4 | |
| KDE KDE | =3.0 | |
| KDE KDE | =1.1.2 | |
| KDE KDE | =1.1.1 | |
| Red Hat Enterprise Linux | =3.0 | |
| Red Hat Enterprise Linux | =2.1 | |
| KDE KDE | =1.1 | |
| KDE KDE | =1.0 | |
| Red Hat Enterprise Linux | =3.0 | |
| KDE KDE | =3.0.3 | |
| KDE KDE | =2.1_beta1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-0078?
CVE-2005-0078 is considered medium severity due to the potential for attackers with physical access to exploit it.
How do I fix CVE-2005-0078?
To fix CVE-2005-0078, upgrade to KDE version 3.0.5 or later which addresses this vulnerability.
What versions of KDE are affected by CVE-2005-0078?
KDE versions prior to 3.0.5, including versions 2.0 to 3.0.4, are affected by CVE-2005-0078.
What type of attack does CVE-2005-0078 allow?
CVE-2005-0078 allows attackers with physical access to crash the screen saver and gain access to the desktop session.
Is physical access required to exploit CVE-2005-0078?
Yes, physical access is required to exploit CVE-2005-0078 as it involves interacting directly with the system.
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/description
- agent/weakness
- agent/severity
- agent/author
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- vendor/kde
- vendor/redhat
- vendor/enterprise linux desktop
- vendor/enterprise linux
- vendor/debian
- vendor/debian linux
- vendor/linux advanced workstation
- agent/software-canonical-lookup-request
- collector/nvd-index
- canonical/kde kde
- version/kde kde/2.2.1
- version/kde kde/3.0_beta_1
- version/kde kde/2.0
- version/kde kde/3.0.2
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/3.0
- version/kde kde/2.2
- canonical/red hat enterprise linux
- version/red hat enterprise linux/3.0
- version/red hat enterprise linux/2.1
- version/kde kde/2.0.1
- version/kde kde/2.2_beta1
- canonical/debian gnu/linux
- version/debian gnu/linux/3.0
- version/kde kde/2.1
- version/kde kde/3.0.1
- canonical/red hat linux advanced workstation
- version/red hat linux advanced workstation/2.1
- version/kde kde/2.1_beta2
- version/kde kde/3.0_beta_2
- version/kde kde/3.0.4
- version/kde kde/3.0
- version/kde kde/1.1.2
- version/kde kde/1.1.1
- version/kde kde/1.1
- version/kde kde/1.0
- version/kde kde/3.0.3
- version/kde kde/2.1_beta1