Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2007-1559

Malware in sbrugna...

7.8CVSS6.2AI score0.0126EPSS
Exploits0References2
NVD
NVD
added 2007/06/11 6:30 p.m.33 views

CVE-2007-3143

Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.4CVSS6.6AI score0.01987EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2007/06/11 6:30 p.m.57 views

CVE-2007-3143

Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.4CVSS5.9AI score0.01987EPSS
Exploits1References2
Prion
Prion
added 2007/06/11 6:30 p.m.25 views

Design/Logic Flaw

Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.4CVSS7.1AI score0.01987EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2007/06/11 6:0 p.m.67 views

CVE-2007-3143

CVE-2007-3143 affects Konqueror 3.5.5. The issue is a visual truncation vulnerability in the address bar: when a long hostname is shown, it is truncated, which can allow remote attackers to spoof the URL and potentially conduct phishing attacks (notably demonstrated via HTTP Basic Authentication)...

6.4CVSS6.6AI score0.01987EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2007/04/22 7:19 p.m.36 views

CVE-2007-2164

Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial of service browser crash or abort via JavaScript that matches a regular expression against a long string, as demonstrated using /./...

5CVSS6AI score0.0142EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/04/05 12:0 a.m.26 views

Mandrake Linux Security Advisory : kdelibs (MDKSA-2007:072)

The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in a FTP PASV command. Updated packages have been patched to address thi...

6.8CVSS5.3AI score0.03778EPSS
Exploits0References1
Prion
Prion
added 2007/03/21 7:19 p.m.25 views

Code injection

Konqueror 3.5.5 allows remote attackers to cause a denial of service crash by using JavaScript to read a child iframe having an ftp:// URI...

7.8CVSS6.7AI score0.0126EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2007/03/21 7:19 p.m.22 views

Information disclosure

The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

6.8CVSS6.1AI score0.03778EPSS
Exploits0References13Affected Software1
exploitpack
exploitpack
added 2007/03/05 12:0 a.m.11 views

Konqueror 3.5.5 - JavaScript Read of FTP Iframe Denial of Service

Konqueror 3.5.5 - JavaScript Read of FTP Iframe Denial of Service Demo of how to make Konqueror 3.5.5 crash by [email protected]. Simply load this file in Konqueror. Vulnerable versions should segfault instantly with a null pointer exception. readiframe = functioniframename var banner =...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/05 12:0 a.m.28 views

Konqueror 3.5.5 - JavaScript Read of FTP Iframe Denial of Service

Demo of how to make Konqueror 3.5.5 crash by [email protected]. Simply load this file in Konqueror. Vulnerable versions should segfault instantly with a null pointer exception. readiframe = functioniframename var banner = document.getElementByIdiframename.contentWindow.document.body.innerHTML;...

7.4AI score
Exploits0
Prion
Prion
added 2007/01/29 4:28 p.m.22 views

Cross site scripting

The KDE HTML library kdelibs, as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to...

2.6CVSS5.2AI score0.01796EPSS
Exploits1References21Affected Software1
UbuntuCve
UbuntuCve
added 2007/01/29 4:28 p.m.28 views

CVE-2007-0537

The KDE HTML library kdelibs, as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to...

2.6CVSS5.9AI score0.01796EPSS
Exploits0References2
NVD
NVD
added 2007/01/29 4:28 p.m.21 views

CVE-2007-0537

The KDE HTML library kdelibs, as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to...

2.6CVSS5.2AI score0.01796EPSS
Exploits0References21
Rows per page
Query Builder