Konqueror Embedded Security Vulnerabilities and Issues — Konqueror Embedded CVE List

Lucene search

KdeKonqueror Embedded

4 matches found

CVE•added 2003/06/09 4:0 a.m.•59 views

CVE-2003-0355

Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.

5CVSS7AI score0.00353EPSS

CVE•added 2003/06/16 4:0 a.m.•57 views

CVE-2003-0370

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

7.5CVSS6.3AI score0.00942EPSS

CVE•added 2004/04/15 4:0 a.m.•52 views

CVE-2003-0592

Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulne...

7.5CVSS6.4AI score0.00712EPSS

CVE•added 2003/08/27 4:0 a.m.•48 views

CVE-2003-0459

KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.

5CVSS6.5AI score0.01525EPSS