Lucene search

[email protected]CVE-2004-0721

HistoryJul 27, 2004 - 4:00 a.m.

CVE-2004-0721

2004-07-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0721

konqueror

frame injection

web site spoofing

security vulnerability

6.4 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.8%

JSON

Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

CPENameOperatorVersion
kde:konquerorkde konqueroreq3.1.3
kde:konquerorkde konqueroreq3.2.2

CPE	Name	Operator	Version
kde:konqueror	kde konqueror	eq	3.1.3
kde:konqueror	kde konqueror	eq	3.2.2

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864

marc.info/?l=bugtraq&m=109225538901170&w=2

secunia.com/advisories/11978

secunia.com/multiple_browsers_frame_injection_vulnerability_test/

security.gentoo.org/glsa/glsa-200408-13.xml

www.kde.org/info/security/advisory-20040811-3.txt

exchange.xforce.ibmcloud.com/vulnerabilities/1598

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11371

6.4 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.8%

JSON

Related for CVE-2004-0721

nessus11 openvas9 securityvulns1 freebsd1 redhat1 slackware1