Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2004-0746
HistoryOct 20, 2004 - 4:00 a.m.

CVE-2004-0746

2004-10-2004:00:00
[email protected]
web.nvd.nist.gov
2

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

High

EPSS

0.022

Percentile

89.5%

JSON

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user’s HTTP session.

Affected configurations

NVD
Node
kdekonquerorMatch3.0
OR
kdekonquerorMatch3.0.1
OR
kdekonquerorMatch3.0.2
OR
kdekonquerorMatch3.0.3
OR
kdekonquerorMatch3.0.5
OR
kdekonquerorMatch3.0.5b
OR
kdekonquerorMatch3.1
OR
kdekonquerorMatch3.1.1
OR
kdekonquerorMatch3.1.2
OR
kdekonquerorMatch3.1.3
OR
kdekonquerorMatch3.1.5
OR
kdekonquerorMatch3.2.1
OR
kdekonquerorMatch3.2.3
Node
gentoolinuxMatch1.4
OR
kdekdeMatch3.1.3
OR
kdekdeMatch3.2
OR
mandrakesoftmandrake_linuxMatch9.2
OR
mandrakesoftmandrake_linuxMatch9.2amd64
OR
mandrakesoftmandrake_linuxMatch10.0
OR
mandrakesoftmandrake_linuxMatch10.0amd64
OR
susesuse_linuxMatch8enterprise_server
OR
susesuse_linuxMatch8.1
OR
susesuse_linuxMatch8.2
OR
susesuse_linuxMatch9.0
OR
susesuse_linuxMatch9.0enterprise_server
OR
susesuse_linuxMatch9.0x86_64
OR
susesuse_linuxMatch9.1

Related

freebsd 1
openvas 5
securityvulns 2
cve 2
cvelist 2
nessus 8
redhat 1
nvd 1
slackware 1
prion 1
suse 1
freebsd
freebsd
kdelibs -- konqueror cross-domain cookie injection
2004-08-23 00:00:00
openvas
openvas
FreeBSD Ports: kdelibs
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200408-23 (kdelibs)
2008-09-24 00:00:00
FreeBSD Ports: kdelibs
2008-09-04 00:00:00
securityvulns
securityvulns
KDE Security Advisory: Konqueror Cross-Domain Cookie Injection
2004-08-25 00:00:00
wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities
2004-09-17 00:00:00
cve
cve
CVE-2004-0746
2004-10-20 04:00:00
CVE-2008-3170
2008-07-14 23:41:00
cvelist
cvelist
CVE-2004-0746
2004-09-14 04:00:00
CVE-2008-3170
2008-07-14 23:00:00
nessus
nessus
FreeBSD : kdelibs -- konqueror cross-domain cookie injection (2797b27a-f55b-11d8-81b0-000347a4fa7d)
2005-07-13 00:00:00
Fedora Core 1 : kdebase-3.1.4-7 (2004-292)
2004-09-09 00:00:00
Fedora Core 2 : kdebase-3.2.2-6.FC2 (2004-293)
2004-09-09 00:00:00
redhat
redhat
(RHSA-2004:412) kdelibs, kdebase security update
2004-10-05 00:00:00
nvd
nvd
CVE-2008-3170
2008-07-14 23:41:00
slackware
slackware
[slackware-security] kde
2004-09-04 05:01:35
prion
prion
Cross site scripting
2008-07-14 23:41:00
suse
suse
remote file disclosure in samba
2004-10-05 14:57:32

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

High

EPSS

0.022

Percentile

89.5%

JSON
Related for NVD:CVE-2004-0746
freebsd1openvas5securityvulns2cve2cvelist2nessus8redhat1nvd1slackware1prion1suse1