CVE-2005-1920

Published: Jul 26, 2005Modified: Apr 16, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.

Affected (2)

Products: Kde: Kde · Debian: Debian Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kde Kde	From 3.2 to 3.4.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 3.1

Related CWEs

Improper Preservation of Permissions

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

References (24)

http://marc.info/?l=bugtraq&m=112171434023679&w=2

Source: secalert@redhat.com

Mailing List

http://secunia.com/advisories/16099

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/23099

Source: secalert@redhat.com

Broken Link

http://security.gentoo.org/glsa/glsa-200611-21.xml

Source: secalert@redhat.com

Third Party Advisory

http://securitytracker.com/id?1014512

Source: secalert@redhat.com

Broken LinkThird Party AdvisoryVDB Entry

http://www.debian.org/security/2005/dsa-804

Source: secalert@redhat.com

Third Party Advisory

http://www.kde.org/info/security/advisory-20050718-1.txt

Source: secalert@redhat.com

PatchVendor Advisory

http://www.novell.com/linux/security/advisories/2005_18_sr.html

Source: secalert@redhat.com

Broken Link

http://www.redhat.com/support/errata/RHSA-2005-612.html

Source: secalert@redhat.com

Broken Link

http://www.securityfocus.com/archive/1/427976/100/0/threaded

Source: secalert@redhat.com

Broken LinkThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/14297

Source: secalert@redhat.com

Broken LinkThird Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434

Source: secalert@redhat.com

Broken Link

http://marc.info/?l=bugtraq&m=112171434023679&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

http://secunia.com/advisories/16099

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://secunia.com/advisories/23099

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://security.gentoo.org/glsa/glsa-200611-21.xml

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://securitytracker.com/id?1014512

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

http://www.debian.org/security/2005/dsa-804

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.kde.org/info/security/advisory-20050718-1.txt

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.novell.com/linux/security/advisories/2005_18_sr.html

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.redhat.com/support/errata/RHSA-2005-612.html

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.securityfocus.com/archive/1/427976/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/14297

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.