4 matches found
Debian Security Advisory DSA 459-1 (kdelibs, kdelibs-crypto)
The remote host is missing an update to kdelibs, kdelibs-crypto announced via advisory DSA 459-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
Debian DSA-459-1 : kdelibs - cookie path traversal
A vulnerability was discovered in KDE where the path restrictions on cookies could be bypassed using encoded relative path components e.g., '/../'. This means that a cookie which should only be sent by the browser to an application running at /app1, the browser could inadvertently include it with...
CVE-2003-0592
Konqueror in KDE 3.1.3 and earlier kdelibs allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" encoded dot dot directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a...
CVE-2003-0592
Konqueror in KDE 3.1.3 and earlier kdelibs allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" encoded dot dot directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a...