CVE Reference: CVE-2004-0721

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2004-0721

Description:
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/1598

SAID
  Secunia Advisory: SA11978

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11371

MISC
  http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/

GENTOO
  http://security.gentoo.org/glsa/glsa-200408-13.xml

CONFIRM
  http://www.kde.org/info/security/advisory-20040811-3.txt

CONECTIVA
  http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864

BUGTRAQ
  http://marc.theaimsgroup.com/?l=bugtraq&m=109225538901170&w=2


Return to the previous page.