Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2004-1158
HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1158

2005-01-1005:00:00
[email protected]
web.nvd.nist.gov
6

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.023

Percentile

89.8%

JSON

Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the “window injection” vulnerability.

Affected configurations

Nvd
Node
kdekonquerorMatch2.1.1
OR
kdekonquerorMatch2.1.2
OR
kdekonquerorMatch2.2.1
OR
kdekonquerorMatch2.2.2
OR
kdekonquerorMatch3.0
OR
kdekonquerorMatch3.0.1
OR
kdekonquerorMatch3.0.2
OR
kdekonquerorMatch3.0.3
OR
kdekonquerorMatch3.0.5
OR
kdekonquerorMatch3.0.5b
OR
kdekonquerorMatch3.1
OR
kdekonquerorMatch3.1.1
OR
kdekonquerorMatch3.1.2
OR
kdekonquerorMatch3.1.3
OR
kdekonquerorMatch3.1.4
OR
kdekonquerorMatch3.1.5
OR
kdekonquerorMatch3.2.1
OR
kdekonquerorMatch3.2.2.6
OR
kdekonquerorMatch3.2.3
OR
kdekonquerorMatch3.3
OR
kdekonquerorMatch3.3.1
OR
kdekonquerorMatch3.3.2
Node
mandrakesoftmandrake_linuxMatch10.0
OR
mandrakesoftmandrake_linuxMatch10.0amd64
OR
mandrakesoftmandrake_linuxMatch10.1
OR
mandrakesoftmandrake_linuxMatch10.1x86_64
OR
redhatfedora_coreMatchcore_2.0
OR
redhatfedora_coreMatchcore_3.0
VendorProductVersionCPE
kdekonqueror2.1.1cpe:2.3:a:kde:konqueror:2.1.1:*:*:*:*:*:*:*
kdekonqueror2.1.2cpe:2.3:a:kde:konqueror:2.1.2:*:*:*:*:*:*:*
kdekonqueror2.2.1cpe:2.3:a:kde:konqueror:2.2.1:*:*:*:*:*:*:*
kdekonqueror2.2.2cpe:2.3:a:kde:konqueror:2.2.2:*:*:*:*:*:*:*
kdekonqueror3.0cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*
kdekonqueror3.0.1cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*
kdekonqueror3.0.2cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*
kdekonqueror3.0.3cpe:2.3:a:kde:konqueror:3.0.3:*:*:*:*:*:*:*
kdekonqueror3.0.5cpe:2.3:a:kde:konqueror:3.0.5:*:*:*:*:*:*:*
kdekonqueror3.0.5bcpe:2.3:a:kde:konqueror:3.0.5b:*:*:*:*:*:*:*
Rows per page:
1-10 of 281

Related

cvelist 1
nessus 8
ubuntucve 1
cve 1
gentoo 1
openvas 6
redhat 1
freebsd 1
cvelist
cvelist
CVE-2004-1158
2004-12-10 05:00:00
nessus
nessus
Fedora Core 3 : kdelibs-3.3.1-2.4.FC3 (2004-550)
2004-12-15 00:00:00
Fedora Core 3 : kdebase-3.3.1-4.3.FC3 (2004-551)
2004-12-15 00:00:00
Fedora Core 2 : kdebase-3.2.2-8.FC2 (2004-549)
2004-12-15 00:00:00
ubuntucve
ubuntucve
CVE-2004-1158
2005-01-10 00:00:00
cve
cve
CVE-2004-1158
2005-01-10 05:00:00
gentoo
gentoo
kdelibs, kdebase: Multiple vulnerabilities
2004-12-19 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200412-16 (KDE)
2008-09-24 00:00:00
SLES9: Security update for kdelibs3
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200412-16 (KDE)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2005:009) kdelibs, kdebase security update
2005-02-10 00:00:00
freebsd
freebsd
web browsers -- window injection vulnerabilities
2004-12-08 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.023

Percentile

89.8%

JSON
Related for NVD:CVE-2004-1158
cvelist1nessus8ubuntucve1cve1gentoo1openvas6redhat1freebsd1