Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2004-0866
HistoryFeb 13, 2005 - 5:00 a.m.

CVE-2004-0866

2005-02-1305:00:00
mitre
web.nvd.nist.gov
41
cve
2004
0866
internet explorer
session hijack
vulnerability
nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

High

EPSS

0.006

Percentile

77.6%

JSON

Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user’s HTTP session.

Affected configurations

Nvd
Node
kdekonquerorMatch2.1.1
OR
kdekonquerorMatch2.1.2
OR
kdekonquerorMatch2.2.1
OR
kdekonquerorMatch2.2.2
OR
kdekonquerorMatch3.0
OR
kdekonquerorMatch3.0.1
OR
kdekonquerorMatch3.0.2
OR
kdekonquerorMatch3.0.3
OR
kdekonquerorMatch3.0.5
OR
kdekonquerorMatch3.0.5b
OR
kdekonquerorMatch3.1
OR
kdekonquerorMatch3.1.1
OR
kdekonquerorMatch3.1.2
OR
kdekonquerorMatch3.1.3
OR
kdekonquerorMatch3.1.4
OR
kdekonquerorMatch3.1.5
OR
kdekonquerorMatch3.2.1
OR
kdekonquerorMatch3.2.3
OR
microsoftieMatch6.0sp1
OR
microsoftieMatch6.0sp2
OR
microsoftinternet_explorerMatch6.0
OR
mozillafirefoxMatch0.9.2
Node
susesuse_linuxMatch1.0desktop
OR
susesuse_linuxMatch8enterprise_server
OR
susesuse_linuxMatch8.1
OR
susesuse_linuxMatch8.2
OR
susesuse_linuxMatch9.0
VendorProductVersionCPE
kdekonqueror2.1.1cpe:2.3:a:kde:konqueror:2.1.1:*:*:*:*:*:*:*
kdekonqueror2.1.2cpe:2.3:a:kde:konqueror:2.1.2:*:*:*:*:*:*:*
kdekonqueror2.2.1cpe:2.3:a:kde:konqueror:2.2.1:*:*:*:*:*:*:*
kdekonqueror2.2.2cpe:2.3:a:kde:konqueror:2.2.2:*:*:*:*:*:*:*
kdekonqueror3.0cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*
kdekonqueror3.0.1cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*
kdekonqueror3.0.2cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*
kdekonqueror3.0.3cpe:2.3:a:kde:konqueror:3.0.3:*:*:*:*:*:*:*
kdekonqueror3.0.5cpe:2.3:a:kde:konqueror:3.0.5:*:*:*:*:*:*:*
kdekonqueror3.0.5bcpe:2.3:a:kde:konqueror:3.0.5b:*:*:*:*:*:*:*
Rows per page:
1-10 of 271

Related

nvd 4
cvelist 3
cve 3
prion 2
nessus 1
securityvulns 1
nvd
nvd
CVE-2004-0866
2004-09-16 04:00:00
CVE-2004-0868
2004-12-23 05:00:00
CVE-2008-3173
2008-07-14 23:41:00
cvelist
cvelist
CVE-2004-0866
2005-02-13 05:00:00
CVE-2008-3173
2008-07-14 23:00:00
CVE-2008-3170
2008-07-14 23:00:00
cve
cve
CVE-2004-0868
2004-12-23 05:00:00
CVE-2008-3173
2008-07-14 23:41:00
CVE-2008-3170
2008-07-14 23:41:00
prion
prion
Cross site scripting
2008-07-14 23:41:00
Cross site scripting
2008-07-14 23:41:00
nessus
nessus
RHEL 2.1 / 3 : kdelibs, kdebase (RHSA-2004:412)
2004-10-06 00:00:00
securityvulns
securityvulns
wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities
2004-09-17 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

High

EPSS

0.006

Percentile

77.6%

JSON
Related for CVE-2004-0866
nvd4cvelist3cve3prion2nessus1securityvulns1