Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2003-0592
HistoryApr 15, 2004 - 4:00 a.m.

CVE-2003-0592

2004-04-1504:00:00
[email protected]
web.nvd.nist.gov
3

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.011

Percentile

84.1%

JSON

Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via “%2e%2e” (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.

Affected configurations

Nvd
Node
kdekonquerorMatch2.1.1
OR
kdekonquerorMatch2.2.2
OR
kdekonquerorMatch3.0
OR
kdekonquerorMatch3.0.1
OR
kdekonquerorMatch3.0.2
OR
kdekonquerorMatch3.0.3
OR
kdekonquerorMatch3.0.5
OR
kdekonquerorMatch3.1
OR
kdekonquerorMatch3.1.1
OR
kdekonquerorMatch3.1.2
OR
kdekonqueror_embeddedMatch0.1
VendorProductVersionCPE
kdekonqueror2.1.1cpe:2.3:a:kde:konqueror:2.1.1:*:*:*:*:*:*:*
kdekonqueror2.2.2cpe:2.3:a:kde:konqueror:2.2.2:*:*:*:*:*:*:*
kdekonqueror3.0cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*
kdekonqueror3.0.1cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*
kdekonqueror3.0.2cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*
kdekonqueror3.0.3cpe:2.3:a:kde:konqueror:3.0.3:*:*:*:*:*:*:*
kdekonqueror3.0.5cpe:2.3:a:kde:konqueror:3.0.5:*:*:*:*:*:*:*
kdekonqueror3.1cpe:2.3:a:kde:konqueror:3.1:*:*:*:*:*:*:*
kdekonqueror3.1.1cpe:2.3:a:kde:konqueror:3.1.1:*:*:*:*:*:*:*
kdekonqueror3.1.2cpe:2.3:a:kde:konqueror:3.1.2:*:*:*:*:*:*:*
Rows per page:
1-10 of 111

Related

redhat 1
nessus 3
osv 1
openvas 2
cvelist 1
cve 1
debian 1
suse 1
securityvulns 1
redhat
redhat
(RHSA-2004:074) kdelibs security update
2004-03-10 00:00:00
nessus
nessus
Debian DSA-459-1 : kdelibs - cookie path traversal
2004-09-29 00:00:00
Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:022)
2004-07-31 00:00:00
RHEL 2.1 : kdelibs (RHSA-2004:074)
2004-07-06 00:00:00
osv
osv
kdelibs - cookie path traversal
2004-03-10 00:00:00
openvas
openvas
Debian Security Advisory DSA 459-1 (kdelibs, kdelibs-crypto)
2008-01-17 00:00:00
Debian Security Advisory DSA 459-1 (kdelibs, kdelibs-crypto)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2003-0592
2004-03-16 05:00:00
cve
cve
CVE-2003-0592
2004-04-15 04:00:00
debian
debian
[SECURITY] [DSA 459-1] New kdelibs, kdelibs-crypto packages fix cookie traversal bug
2004-03-10 20:44:55
suse
suse
remote denial-of-service in openssl
2004-03-17 13:37:40
securityvulns
securityvulns
[Full-Disclosure] Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue
2004-03-10 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.011

Percentile

84.1%

JSON
Related for NVD:CVE-2003-0592
redhat1nessus3osv1openvas2cvelist1cve1debian1suse1securityvulns1