CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains.

Product Status

Learn more

Information not provided

References 11 Total

redhat.com: RHSA-2002:220
external site
vendor-advisory
http://www.kde.org/info/security/advisory-20020908-2.txt
external site
iss.net: ie-sameoriginpolicy-bypass(10039)
external site
vdb-entry
linux-mandrake.com: MDKSA-2002:064
external site
vendor-advisory
debian.org: DSA-167
external site
vendor-advisory
redhat.com: RHSA-2002:221
external site
vendor-advisory
distro.conectiva.com.br: CLA-2002:525
external site
vendor-advisory
securityfocus.com: 5689
external site
vdb-entry
osvdb.org: 7867
external site
vdb-entry
ftp.caldera.com: CSSA-2002-047.0
external site
vendor-advisory
marc.info: 20020910 KDE Security Advisory: Konqueror Cross Site Scripting Vulnerability
external site
mailing-list

Updated: 2024-08-08

This container includes required additional information provided by the CVE Program for this vulnerability.

References 11 Total

redhat.com: RHSA-2002:220
external site
vendor-advisoryx_transferred
http://www.kde.org/info/security/advisory-20020908-2.txt
external site
x_transferred
iss.net: ie-sameoriginpolicy-bypass(10039)
external site
vdb-entryx_transferred
linux-mandrake.com: MDKSA-2002:064
external site
vendor-advisoryx_transferred
debian.org: DSA-167
external site
vendor-advisoryx_transferred
redhat.com: RHSA-2002:221
external site
vendor-advisoryx_transferred
distro.conectiva.com.br: CLA-2002:525
external site
vendor-advisoryx_transferred
securityfocus.com: 5689
external site
vdb-entryx_transferred
osvdb.org: 7867
external site
vdb-entryx_transferred
ftp.caldera.com: CSSA-2002-047.0
external site
vendor-advisoryx_transferred
marc.info: 20020910 KDE Security Advisory: Konqueror Cross Site Scripting Vulnerability
external site
mailing-listx_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: MITRE Corporation

Description

Product Status

References 11 Total

CVE Program

References 11 Total