5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
75.1%
KDE is a graphical desktop environment for the X Window System.
Konqueror is the file manager for the K Desktop Environment.
George Staikos reported that Konqueror may inadvertently send
authentication credentials to websites other than the intended website in
clear text via the HTTP-referer header. This can occur when authentication
credentials are passed as part of a URL in the form http://user:password@host/
Users of Konqueror are advised to upgrade to these erratum packages, which
contain a backported security patch correcting this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | i386 | kdelibs-sound-devel | < 2.2.2-9 | kdelibs-sound-devel-2.2.2-9.i386.rpm |
RedHat | any | i386 | arts | < 2.2.2-9 | arts-2.2.2-9.i386.rpm |
RedHat | any | i386 | kdelibs | < 2.2.2-9 | kdelibs-2.2.2-9.i386.rpm |
RedHat | any | ia64 | kdelibs-sound-devel | < 2.2.2-9 | kdelibs-sound-devel-2.2.2-9.ia64.rpm |
RedHat | any | ia64 | arts | < 2.2.2-9 | arts-2.2.2-9.ia64.rpm |
RedHat | any | ia64 | kdelibs-sound | < 2.2.2-9 | kdelibs-sound-2.2.2-9.ia64.rpm |
RedHat | any | i386 | kdelibs-sound | < 2.2.2-9 | kdelibs-sound-2.2.2-9.i386.rpm |
RedHat | any | i386 | kdelibs-devel | < 2.2.2-9 | kdelibs-devel-2.2.2-9.i386.rpm |
RedHat | any | ia64 | kdelibs | < 2.2.2-9 | kdelibs-2.2.2-9.ia64.rpm |
RedHat | any | ia64 | kdelibs-devel | < 2.2.2-9 | kdelibs-devel-2.2.2-9.ia64.rpm |