33 matches found
EUVD-2003-1468
Malware in sbrugna...
EUVD-2004-1156
Malware in sbrugna...
EUVD-2007-0535
Malware in sbrugna...
EUVD-2009-2532
Malware in sbrugna...
EUVD-2007-2159
Malware in sbrugna...
EUVD-2007-5970
Malware in sbrugna...
EUVD-2004-0744
Malware in sbrugna...
Code injection
The pcrecompile function in pcrecompile.c in PCRE before 8.38 mishandles certain : nesting, which allows remote attackers to cause a denial of service CPU consumption or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...
CVE-2011-1168
Cross-site scripting XSS vulnerability in the KHTMLPart::htmlError function in khtml/khtmlpart.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site...
security flaw
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier 1 allow access to restricted Java classes via JavaScript and 2 do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary file...
CVE-2004-1158
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka t...
CVE-2004-1165
Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline "%0a" before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command...
Konqueror fails to restrict access to Java classes
Overview The Konqueror web browser may allow Java applets and JavaScripts to bypass the Java security settings and access restricted Java classes. Exploitation may allow a remote attacker to read and write arbitrary files on a vulnerable system. Description Konqueror is a web browser and file...
Fedora Core 2 : kdelibs-3.2.2-10.FC2 (2004-548)
Tue Dec 14 2004 Than Ngo 6:3.2.2-10.FC2 - apply the patch to fix Konqueror Window Injection Vulnerability 142510 CVE-2004-1158, Thanks to KDE security team - Security Advisory: plain text password exposure, 142487 thanks to KDE security team - Tue Sep 07 2004 Than Ngo 6:3.2.2-9.FC2 - add patch to...
Fedora Core 3 : kdebase-3.3.1-4.3.FC3 (2004-551)
Tue Dec 14 2004 Than Ngo 6:3.3.1-4.3.FC3 - apply the patch to fix Konqueror Window Injection Vulnerability 142510 CVE-2004-1158, Thanks to KDE security team - Fri Dec 10 2004 Than Ngo 6:3.3.1-4.2.FC3 - Security Advisory: plain text password exposure, thanks to KDE security team - the existing...
Fedora Core 3 : kdelibs-3.3.1-2.4.FC3 (2004-550)
Tue Dec 14 2004 Than Ngo 3.3.1-2.4.FC3 - apply the patch to fix Konqueror Window Injection Vulnerability 142510 CVE-2004-1158, Thanks to KDE security team - Fri Dec 10 2004 Than Ngo 3.3.1-2.3.FC3 - Security Advisory: plain text password exposure, 142487 thanks to KDE security team Note that...
Fedora Core 2 : kdebase-3.2.2-8.FC2 (2004-549)
Tue Dec 14 2004 Than Ngo 3.2.2-8.FC2 - apply the patch to fix Konqueror Window Injection Vulnerability 142510 CVE-2004-1158, Thanks to KDE security team - Security Advisory: plain text password exposure, 142487 thanks to KDE security team - Tue Sep 28 2004 Than Ngo 6:3.2.2-7.FC2 - fix kdm...
Konqueror Cross-Domain Scripting
Binary data 2379.prm...
Konqueror < 3.2.2-2 Cross-Domain Dialog Box Spoofing
Binary data 2374.prm...
CVE-2004-0746
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session...