MitreCVE-2007-4225

HistoryAug 08, 2007 - 9:17 p.m.

CVE-2007-4225

2007-08-0821:17:00

mitre

web.nvd.nist.gov

cve

2007

4225

visual truncation

vulnerability

kde

konqueror

spoofing

url

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.03

Percentile

91.0%

JSON

Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.

Affected configurations

Nvd

Node

kdekonquerorMatch3.5.7

VendorProductVersionCPE
kdekonqueror3.5.7cpe:2.3:a:kde:konqueror:3.5.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kde	konqueror	3.5.7	cpe:2.3:a:kde:konqueror:3.5.7:::::::*

References

lists.grok.org.uk/pipermail/full-disclosure/2007-August/065101.html

secunia.com/advisories/26351

secunia.com/advisories/26612

secunia.com/advisories/26690

secunia.com/advisories/26720

secunia.com/advisories/27089

secunia.com/advisories/27096

securityreason.com/securityalert/2982

securitytracker.com/id?1018579

www.kde.org/info/security/advisory-20070816-1.txt

www.mandriva.com/security/advisories?name=MDKSA-2007:176

www.ubuntu.com/usn/usn-502-1

www.vupen.com/english/advisories/2007/2807

exchange.xforce.ibmcloud.com/vulnerabilities/35829

issues.rpath.com/browse/RPL-1615

www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html

www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.03

Percentile

91.0%

JSON

Related for CVE-2007-4225