Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2004-0746
HistoryOct 20, 2004 - 4:00 a.m.

CVE-2004-0746

2004-10-2004:00:00
mitre
web.nvd.nist.gov
33
konqueror
kde
session hijack
cve-2004-0746
security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

High

EPSS

0.022

Percentile

89.5%

JSON

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user’s HTTP session.

Affected configurations

Nvd
Node
kdekonquerorMatch3.0
OR
kdekonquerorMatch3.0.1
OR
kdekonquerorMatch3.0.2
OR
kdekonquerorMatch3.0.3
OR
kdekonquerorMatch3.0.5
OR
kdekonquerorMatch3.0.5b
OR
kdekonquerorMatch3.1
OR
kdekonquerorMatch3.1.1
OR
kdekonquerorMatch3.1.2
OR
kdekonquerorMatch3.1.3
OR
kdekonquerorMatch3.1.5
OR
kdekonquerorMatch3.2.1
OR
kdekonquerorMatch3.2.3
Node
gentoolinuxMatch1.4
OR
kdekdeMatch3.1.3
OR
kdekdeMatch3.2
OR
mandrakesoftmandrake_linuxMatch9.2
OR
mandrakesoftmandrake_linuxMatch9.2amd64
OR
mandrakesoftmandrake_linuxMatch10.0
OR
mandrakesoftmandrake_linuxMatch10.0amd64
OR
susesuse_linuxMatch8enterprise_server
OR
susesuse_linuxMatch8.1
OR
susesuse_linuxMatch8.2
OR
susesuse_linuxMatch9.0
OR
susesuse_linuxMatch9.0enterprise_server
OR
susesuse_linuxMatch9.0x86_64
OR
susesuse_linuxMatch9.1
VendorProductVersionCPE
kdekonqueror3.0cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*
kdekonqueror3.0.1cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*
kdekonqueror3.0.2cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*
kdekonqueror3.0.3cpe:2.3:a:kde:konqueror:3.0.3:*:*:*:*:*:*:*
kdekonqueror3.0.5cpe:2.3:a:kde:konqueror:3.0.5:*:*:*:*:*:*:*
kdekonqueror3.0.5bcpe:2.3:a:kde:konqueror:3.0.5b:*:*:*:*:*:*:*
kdekonqueror3.1cpe:2.3:a:kde:konqueror:3.1:*:*:*:*:*:*:*
kdekonqueror3.1.1cpe:2.3:a:kde:konqueror:3.1.1:*:*:*:*:*:*:*
kdekonqueror3.1.2cpe:2.3:a:kde:konqueror:3.1.2:*:*:*:*:*:*:*
kdekonqueror3.1.3cpe:2.3:a:kde:konqueror:3.1.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 271

Related

openvas 5
cvelist 2
securityvulns 2
freebsd 1
nessus 8
nvd 2
redhat 1
slackware 1
cve 1
prion 1
suse 1
openvas
openvas
Gentoo Security Advisory GLSA 200408-23 (kdelibs)
2008-09-24 00:00:00
FreeBSD Ports: kdelibs
2008-09-04 00:00:00
FreeBSD Ports: kdelibs
2008-09-04 00:00:00
cvelist
cvelist
CVE-2004-0746
2004-09-14 04:00:00
CVE-2008-3170
2008-07-14 23:00:00
securityvulns
securityvulns
KDE Security Advisory: Konqueror Cross-Domain Cookie Injection
2004-08-25 00:00:00
wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities
2004-09-17 00:00:00
freebsd
freebsd
kdelibs -- konqueror cross-domain cookie injection
2004-08-23 00:00:00
nessus
nessus
FreeBSD : kdelibs -- konqueror cross-domain cookie injection (2797b27a-f55b-11d8-81b0-000347a4fa7d)
2005-07-13 00:00:00
Fedora Core 1 : kdelibs-3.1.4-7 (2004-290)
2004-09-09 00:00:00
Fedora Core 2 : kdelibs-3.2.2-8.FC2 (2004-291)
2004-09-09 00:00:00
nvd
nvd
CVE-2004-0746
2004-10-20 04:00:00
CVE-2008-3170
2008-07-14 23:41:00
redhat
redhat
(RHSA-2004:412) kdelibs, kdebase security update
2004-10-05 00:00:00
slackware
slackware
[slackware-security] kde
2004-09-04 05:01:35
cve
cve
CVE-2008-3170
2008-07-14 23:41:00
prion
prion
Cross site scripting
2008-07-14 23:41:00
suse
suse
remote file disclosure in samba
2004-10-05 14:57:32

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

High

EPSS

0.022

Percentile

89.5%

JSON
Related for CVE-2004-0746
openvas5cvelist2securityvulns2freebsd1nessus8nvd2redhat1slackware1cve1prion1suse1