CVE-2005-0078

The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.

Published: 2005-05-02 Last update: 2026-04-16 Assigner: [email protected] Source: [email protected]

NVD Status：Modified，CVE State: published

View at NVD, CVE.org, EUVD

Conclusion & alert: CVE-2005-0078 is rated Low Risk (25.5/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.08%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2005-0078

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-03-17	0.17%	0.08%	-0.09%
2	2023-03-07	1.02%	0.17%	-0.85%
3	2022-02-04	—	1.02%	—

Full EPSS history (3 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2005-0078

CVSS metrics for this CVE.

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
4.6	2.0	MEDIUM	`AV:L/AC:L/Au:N/C:P/I:P/A:P` Click to expand Access vector (AV:L) Requires local access to the target system. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:P) Partial availability impact.	3.9	6.4	[email protected]

Weakness enumeration for CVE-2005-0078

OS Trackers for CVE-2005-0078

vendor	priority	summary	link
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2005-0078

Affected software / configurations for CVE-2005-0078

Vendor	Product	Version	Raw CPE
debian	debian_linux	3.0	cpe:2.3:o:debian:debian_linux:3.0::woody:::::
kde	kde	1.0	cpe:2.3:o:kde:kde:1.0:::::::*
kde	kde	1.1	cpe:2.3:o:kde:kde:1.1:::::::*
kde	kde	1.1.1	cpe:2.3:o:kde:kde:1.1.1:::::::*
kde	kde	1.1.2	cpe:2.3:o:kde:kde:1.1.2:::::::*
kde	kde	2.0	cpe:2.3:o:kde:kde:2.0:::::::*
kde	kde	2.0.1	cpe:2.3:o:kde:kde:2.0.1:::::::*
kde	kde	2.1	cpe:2.3:o:kde:kde:2.1:::::::*
kde	kde	2.1_beta1	cpe:2.3:o:kde:kde:2.1_beta1:::::::*
kde	kde	2.1_beta2	cpe:2.3:o:kde:kde:2.1_beta2:::::::*
kde	kde	2.2	cpe:2.3:o:kde:kde:2.2:::::::*
kde	kde	2.2.1	cpe:2.3:o:kde:kde:2.2.1:::::::*
kde	kde	2.2_beta1	cpe:2.3:o:kde:kde:2.2_beta1:::::::*
kde	kde	3.0	cpe:2.3:o:kde:kde:3.0:::::::*
kde	kde	3.0.1	cpe:2.3:o:kde:kde:3.0.1:::::::*
kde	kde	3.0.2	cpe:2.3:o:kde:kde:3.0.2:::::::*
kde	kde	3.0.3	cpe:2.3:o:kde:kde:3.0.3:::::::*
kde	kde	3.0.4	cpe:2.3:o:kde:kde:3.0.4:::::::*
kde	kde	3.0_beta_1	cpe:2.3:o:kde:kde:3.0_beta_1:::::::*
kde	kde	3.0_beta_2	cpe:2.3:o:kde:kde:3.0_beta_2:::::::*
redhat	enterprise_linux	2.1	cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server:::::
redhat	enterprise_linux	2.1	cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server:::::
redhat	enterprise_linux	2.1	cpe:2.3:o:redhat:enterprise_linux:2.1::workstation:::::
redhat	enterprise_linux	3.0	cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_servers:::::
redhat	enterprise_linux	3.0	cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::
redhat	enterprise_linux	3.0	cpe:2.3:o:redhat:enterprise_linux:3.0::workstation:::::
redhat	enterprise_linux_desktop	3.0	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
redhat	linux_advanced_workstation	2.1	cpe:2.3:o:redhat:linux_advanced_workstation:2.1:::::::*

References for CVE-2005-0078

URL	Tags
http://www.debian.org/security/2005/dsa-660	Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-009.html	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19084
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9260

cvelogic Threat Intelligence