CVE-2004-1145 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2004-1145
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-1145

Description: Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/18596 SAID Secunia Advisory: SA13586 REDHAT http://www.redhat.com/support/errata/RHSA-2005-065.html MISC http://www.heise.de/security/dienste/browsercheck/tests/java.shtml MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:154 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml CONFIRM http://www.kde.org/info/security/advisory-20041220-1.txt CERT-VN 420222 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=110356286722875&w=2

Return to the previous page.