Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0721

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0721
Last Modified 21 Aug 2010 12:21:08
Published 27 Jul 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0721

Summary

Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

Vulnerable Systems

Application

  • Kde Konqueror 3.1.3

  • Kde Konqueror 3.2.2


References

XF - http-frame-spoof(1598)

CONFIRM - http://www.kde.org/info/security/advisory-20040811-3.txt

GENTOO - 200408-13

MISC - http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/

SECUNIA - 11978

BUGTRAQ - 20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities

CONECTIVA - CLA-2004:864


Last Updated: 27 May 2016 10:38:43