CVE-2004-1158

2005-01-1000:00:00

ubuntu.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.6%

JSON

Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote
attackers to spoof arbitrary web sites by injecting content from one window
into a target window or tab whose name is known but resides in a different
domain, as demonstrated using a pop-up window on a trusted web site, aka
the “window injection” vulnerability.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchkdebase< 3.5.2-0ubuntu27.1UNKNOWN
ubuntu6.10noarchkdebase< 3.5.5-0ubuntu3.5UNKNOWN
ubuntu7.04noarchkdebase< 3.5.6-0ubuntu20.2UNKNOWN
ubuntu6.06noarchkdelibs< 3.5.2-0ubuntu18.5UNKNOWN
ubuntu6.10noarchkdelibs< 3.5.5-0ubuntu3.5UNKNOWN
ubuntu7.04noarchkdelibs< 3.5.6-0ubuntu14.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	kdebase	< 3.5.2-0ubuntu27.1	UNKNOWN
ubuntu	6.10	noarch	kdebase	< 3.5.5-0ubuntu3.5	UNKNOWN
ubuntu	7.04	noarch	kdebase	< 3.5.6-0ubuntu20.2	UNKNOWN
ubuntu	6.06	noarch	kdelibs	< 3.5.2-0ubuntu18.5	UNKNOWN
ubuntu	6.10	noarch	kdelibs	< 3.5.5-0ubuntu3.5	UNKNOWN
ubuntu	7.04	noarch	kdelibs	< 3.5.6-0ubuntu14.1	UNKNOWN