[email protected]CVE-2007-4225

HistoryAug 08, 2007 - 9:17 p.m.

CVE-2007-4225

2007-08-0821:17:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2007

4225

visual truncation

vulnerability

kde

konqueror

spoofing

url

nvd

6.2 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.7%

JSON

Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.

CPENameOperatorVersion
kde:konquerorkde konqueroreq3.5.7

CPE	Name	Operator	Version
kde:konqueror	kde konqueror	eq	3.5.7

References

lists.grok.org.uk/pipermail/full-disclosure/2007-August/065101.html

secunia.com/advisories/26351

secunia.com/advisories/26612

secunia.com/advisories/26690

secunia.com/advisories/26720

secunia.com/advisories/27089

secunia.com/advisories/27096

securityreason.com/securityalert/2982

securitytracker.com/id?1018579

www.kde.org/info/security/advisory-20070816-1.txt

www.mandriva.com/security/advisories?name=MDKSA-2007:176

www.ubuntu.com/usn/usn-502-1

www.vupen.com/english/advisories/2007/2807

exchange.xforce.ibmcloud.com/vulnerabilities/35829

issues.rpath.com/browse/RPL-1615

www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html

www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html

6.2 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.7%

JSON

Related for CVE-2007-4225

prion1 ubuntucve2 openvas22 nessus8 fedora6 ubuntu1 freebsd1 slackware1 oraclelinux2