High severity7.5NVD Advisory· Published Jul 26, 2005· Updated Apr 16, 2026

CVE-2005-1920

Description

The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.

Affected products

Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
KDE/Kde
cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*
Range: >=3.2,<=3.4.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kde.org/info/security/advisory-20050718-1.txtnvdPatchVendor Advisory
security.gentoo.org/glsa/glsa-200611-21.xmlnvdThird Party Advisory
securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
www.debian.org/security/2005/dsa-804nvdThird Party Advisory
www.securityfocus.com/archive/1/427976/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/14297nvdBroken LinkThird Party AdvisoryVDB Entry
marc.infonvdMailing List
secunia.com/advisories/16099nvdBroken Link
secunia.com/advisories/23099nvdBroken Link
www.novell.com/linux/security/advisories/2005_18_sr.htmlnvdBroken Link
www.redhat.com/support/errata/RHSA-2005-612.htmlnvdBroken Link
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000