
    6 vulnerabilities found for kdelibs by redhat

    CVE-2011-1094 (GCVE-0-2011-1094)

    Vulnerability from nvd – Published: 2011-03-16 22:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate Certification Authority for an IP address, a different vulnerability than CVE-2009-2702.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2011/0990 vdb-entry, x_refsource_VUPEN
    http://www.mandriva.com/security/advisories?name=… vendor-advisory, x_refsource_MANDRIVA
    http://www.securityfocus.com/bid/46789 vdb-entry, x_refsource_BID
    http://secunia.com/advisories/44108 third-party-advisory, x_refsource_SECUNIA
    http://www.ubuntu.com/usn/USN-1110-1 vendor-advisory, x_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2011/0913 vdb-entry, x_refsource_VUPEN
    https://projects.kde.org/projects/kde/kdelibs/rep… x_refsource_CONFIRM
    http://openwall.com/lists/oss-security/2011/03/08/13 mailing-list, x_refsource_MLIST
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entry, x_refsource_XF
    http://openwall.com/lists/oss-security/2011/03/08/20 mailing-list, x_refsource_MLIST
    Date Public
    2011-03-08 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:27.786Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2011-0990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0990"
              },
              {
                "name": "MDVSA-2011:071",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:071"
              },
              {
                "name": "46789",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46789"
              },
              {
                "name": "44108",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44108"
              },
              {
                "name": "USN-1110-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1110-1"
              },
              {
                "name": "ADV-2011-0913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0913"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://projects.kde.org/projects/kde/kdelibs/repository/revisions/76f935197599a335a5fe09b78751ddb455248cf7"
              },
              {
                "name": "[oss-security] 20110308 KDE SSL name check issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2011/03/08/13"
              },
              {
                "name": "kdelibs-ssl-security-bypass(65986)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65986"
              },
              {
                "name": "[oss-security] 20110308 Re: KDE SSL name check issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2011/03/08/20"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-03-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate Certification Authority for an IP address, a different vulnerability than CVE-2009-2702."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "ADV-2011-0990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0990"
            },
            {
              "name": "MDVSA-2011:071",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:071"
            },
            {
              "name": "46789",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46789"
            },
            {
              "name": "44108",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44108"
            },
            {
              "name": "USN-1110-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1110-1"
            },
            {
              "name": "ADV-2011-0913",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0913"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://projects.kde.org/projects/kde/kdelibs/repository/revisions/76f935197599a335a5fe09b78751ddb455248cf7"
            },
            {
              "name": "[oss-security] 20110308 KDE SSL name check issue",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/03/08/13"
            },
            {
              "name": "kdelibs-ssl-security-bypass(65986)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65986"
            },
            {
              "name": "[oss-security] 20110308 Re: KDE SSL name check issue",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/03/08/20"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-1094",
        "datePublished": "2011-03-16T22:00:00.000Z",
        "dateReserved": "2011-02-24T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:27.786Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4811 (GCVE-0-2006-4811)

    Vulnerability from nvd – Published: 2006-10-18 17:00 – Updated: 2024-08-07 19:23
    VLAI
    Summary
    Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1017084 vdb-entry, x_refsource_SECTRACK
    http://www.redhat.com/support/errata/RHSA-2006-07… vendor-advisory, x_refsource_REDHAT
    http://secunia.com/advisories/22738 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22485 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22586 third-party-advisory, x_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entry, signature, x_refsource_OVAL
    http://secunia.com/advisories/22579 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22520 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22479 third-party-advisory, x_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisory, x_refsource_MANDRIVA
    http://www.trolltech.com/company/newsroom/announc… x_refsource_CONFIRM
    http://secunia.com/advisories/22380 third-party-advisory, x_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-368-1 vendor-advisory, x_refsource_UBUNTU
    ftp://patches.sgi.com/support/free/security/advis… vendor-advisory, x_refsource_SGI
    http://www.mandriva.com/security/advisories?name=… vendor-advisory, x_refsource_MANDRIVA
    http://secunia.com/advisories/22645 third-party-advisory, x_refsource_SECUNIA
    http://www.securityfocus.com/bid/20599 vdb-entry, x_refsource_BID
    ftp://patches.sgi.com/support/free/security/advis… vendor-advisory, x_refsource_SGI
    http://bugzilla.redhat.com/bugzilla/show_bug.cgi?… x_refsource_CONFIRM
    http://security.gentoo.org/glsa/glsa-200703-06.xml vendor-advisory, x_refsource_GENTOO
    http://secunia.com/advisories/24347 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22890 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22397 third-party-advisory, x_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2006-07… vendor-advisory, x_refsource_REDHAT
    http://secunia.com/advisories/22929 third-party-advisory, x_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200611-02.xml vendor-advisory, x_refsource_GENTOO
    http://www.us.debian.org/security/2006/dsa-1200 vendor-advisory, x_refsource_DEBIAN
    http://www.vupen.com/english/advisories/2006/4099 vdb-entry, x_refsource_VUPEN
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisory, x_refsource_SLACKWARE
    http://lists.suse.com/archive/suse-security-annou… vendor-advisory, x_refsource_SUSE
    http://secunia.com/advisories/22492 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22589 third-party-advisory, x_refsource_SECUNIA
    https://issues.rpath.com/browse/RPL-723 x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/449173/100… mailing-list, x_refsource_BUGTRAQ
    Date Public
    2006-10-18 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:23:41.159Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1017084",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017084"
              },
              {
                "name": "RHSA-2006:0725",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0725.html"
              },
              {
                "name": "22738",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22738"
              },
              {
                "name": "22485",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22485"
              },
              {
                "name": "22586",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22586"
              },
              {
                "name": "oval:org.mitre.oval:def:10218",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218"
              },
              {
                "name": "22579",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22579"
              },
              {
                "name": "22520",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22520"
              },
              {
                "name": "22479",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22479"
              },
              {
                "name": "MDKSA-2006:186",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:186"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733"
              },
              {
                "name": "22380",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22380"
              },
              {
                "name": "USN-368-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-368-1"
              },
              {
                "name": "20061002-01-P",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P"
              },
              {
                "name": "MDKSA-2006:187",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:187"
              },
              {
                "name": "22645",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22645"
              },
              {
                "name": "20599",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20599"
              },
              {
                "name": "20061101-01-P",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742"
              },
              {
                "name": "GLSA-200703-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200703-06.xml"
              },
              {
                "name": "24347",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24347"
              },
              {
                "name": "22890",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22890"
              },
              {
                "name": "22397",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22397"
              },
              {
                "name": "RHSA-2006:0720",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0720.html"
              },
              {
                "name": "22929",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22929"
              },
              {
                "name": "GLSA-200611-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200611-02.xml"
              },
              {
                "name": "DSA-1200",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.us.debian.org/security/2006/dsa-1200"
              },
              {
                "name": "ADV-2006-4099",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4099"
              },
              {
                "name": "SSA:2006-298-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.483634"
              },
              {
                "name": "SUSE-SA:2006:063",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html"
              },
              {
                "name": "22492",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22492"
              },
              {
                "name": "22589",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22589"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-723"
              },
              {
                "name": "20061018 rPSA-2006-0195-1 kdelibs",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/449173/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "1017084",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017084"
            },
            {
              "name": "RHSA-2006:0725",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0725.html"
            },
            {
              "name": "22738",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22738"
            },
            {
              "name": "22485",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22485"
            },
            {
              "name": "22586",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22586"
            },
            {
              "name": "oval:org.mitre.oval:def:10218",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218"
            },
            {
              "name": "22579",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22579"
            },
            {
              "name": "22520",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22520"
            },
            {
              "name": "22479",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22479"
            },
            {
              "name": "MDKSA-2006:186",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:186"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733"
            },
            {
              "name": "22380",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22380"
            },
            {
              "name": "USN-368-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-368-1"
            },
            {
              "name": "20061002-01-P",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P"
            },
            {
              "name": "MDKSA-2006:187",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:187"
            },
            {
              "name": "22645",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22645"
            },
            {
              "name": "20599",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20599"
            },
            {
              "name": "20061101-01-P",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742"
            },
            {
              "name": "GLSA-200703-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200703-06.xml"
            },
            {
              "name": "24347",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24347"
            },
            {
              "name": "22890",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22890"
            },
            {
              "name": "22397",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22397"
            },
            {
              "name": "RHSA-2006:0720",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0720.html"
            },
            {
              "name": "22929",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22929"
            },
            {
              "name": "GLSA-200611-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200611-02.xml"
            },
            {
              "name": "DSA-1200",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.us.debian.org/security/2006/dsa-1200"
            },
            {
              "name": "ADV-2006-4099",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4099"
            },
            {
              "name": "SSA:2006-298-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.483634"
            },
            {
              "name": "SUSE-SA:2006:063",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html"
            },
            {
              "name": "22492",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22492"
            },
            {
              "name": "22589",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22589"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-723"
            },
            {
              "name": "20061018 rPSA-2006-0195-1 kdelibs",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/449173/100/0/threaded"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-4811",
        "datePublished": "2006-10-18T17:00:00.000Z",
        "dateReserved": "2006-09-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:23:41.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0459 (GCVE-0-2003-0459)

    Vulnerability from nvd – Published: 2003-08-01 04:00 – Updated: 2024-08-08 01:58
    VLAI
    Summary
    KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007300.html mailing-list, x_refsource_FULLDISC
    http://www.kde.org/info/security/advisory-20030729-1.txt x_refsource_CONFIRM
    http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 vendor-advisory, x_refsource_CONECTIVA
    http://www.debian.org/security/2003/dsa-361 vendor-advisory, x_refsource_DEBIAN
    https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A411 vdb-entry, signature, x_refsource_OVAL
    http://marc.info/?l=bugtraq&m=105986238428061&w=2 mailing-list, x_refsource_BUGTRAQ
    http://www.redhat.com/support/errata/RHSA-2003-236.html vendor-advisory, x_refsource_REDHAT
    http://www.redhat.com/support/errata/RHSA-2003-235.html vendor-advisory, x_refsource_REDHAT
    http://www.turbolinux.com/security/TLSA-2003-45.txt vendor-advisory, x_refsource_TURBO
    http://www.mandriva.com/security/advisories?name=MDKSA-2003:079 vendor-advisory, x_refsource_MANDRAKE
    Date Public
    2003-07-29 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:58:09.652Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030729 KDE Security Advisory: Konqueror Referrer Authentication Leak",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007300.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20030729-1.txt"
              },
              {
                "name": "CLA-2003:747",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
              },
              {
                "name": "DSA-361",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2003/dsa-361"
              },
              {
                "name": "oval:org.mitre.oval:def:411",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A411"
              },
              {
                "name": "20030802 [slackware-security]  KDE packages updated (SSA:2003-213-01)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=105986238428061\u0026w=2"
              },
              {
                "name": "RHSA-2003:236",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-236.html"
              },
              {
                "name": "RHSA-2003:235",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-235.html"
              },
              {
                "name": "TLSA-2003-45",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TURBO",
                  "x_transferred"
                ],
                "url": "http://www.turbolinux.com/security/TLSA-2003-45.txt"
              },
              {
                "name": "MDKSA-2003:079",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:079"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-07-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the \"user:password@host\" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030729 KDE Security Advisory: Konqueror Referrer Authentication Leak",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007300.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20030729-1.txt"
            },
            {
              "name": "CLA-2003:747",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
            },
            {
              "name": "DSA-361",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2003/dsa-361"
            },
            {
              "name": "oval:org.mitre.oval:def:411",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A411"
            },
            {
              "name": "20030802 [slackware-security]  KDE packages updated (SSA:2003-213-01)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=105986238428061\u0026w=2"
            },
            {
              "name": "RHSA-2003:236",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-236.html"
            },
            {
              "name": "RHSA-2003:235",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-235.html"
            },
            {
              "name": "TLSA-2003-45",
              "tags": [
                "vendor-advisory",
                "x_refsource_TURBO"
              ],
              "url": "http://www.turbolinux.com/security/TLSA-2003-45.txt"
            },
            {
              "name": "MDKSA-2003:079",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:079"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0459",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the \"user:password@host\" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030729 KDE Security Advisory: Konqueror Referrer Authentication Leak",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007300.html"
                },
                {
                  "name": "http://www.kde.org/info/security/advisory-20030729-1.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.kde.org/info/security/advisory-20030729-1.txt"
                },
                {
                  "name": "CLA-2003:747",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
                },
                {
                  "name": "DSA-361",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2003/dsa-361"
                },
                {
                  "name": "oval:org.mitre.oval:def:411",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A411"
                },
                {
                  "name": "20030802 [slackware-security]  KDE packages updated (SSA:2003-213-01)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=105986238428061\u0026w=2"
                },
                {
                  "name": "RHSA-2003:236",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-236.html"
                },
                {
                  "name": "RHSA-2003:235",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-235.html"
                },
                {
                  "name": "TLSA-2003-45",
                  "refsource": "TURBO",
                  "url": "http://www.turbolinux.com/security/TLSA-2003-45.txt"
                },
                {
                  "name": "MDKSA-2003:079",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:079"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0459",
        "datePublished": "2003-08-01T04:00:00.000Z",
        "dateReserved": "2003-06-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:58:09.652Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1094 (GCVE-0-2011-1094)

    Vulnerability from cvelistv5 – Published: 2011-03-16 22:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate Certification Authority for an IP address, a different vulnerability than CVE-2009-2702.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2011/0990 vdb-entry, x_refsource_VUPEN
    http://www.mandriva.com/security/advisories?name=MDVSA-2011:071 vendor-advisory, x_refsource_MANDRIVA
    http://www.securityfocus.com/bid/46789 vdb-entry, x_refsource_BID
    http://secunia.com/advisories/44108 third-party-advisory, x_refsource_SECUNIA
    http://www.ubuntu.com/usn/USN-1110-1 vendor-advisory, x_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2011/0913 vdb-entry, x_refsource_VUPEN
    https://projects.kde.org/projects/kde/kdelibs/repository/revisions/76f935197599a335a5fe09b78751ddb455248cf7 x_refsource_CONFIRM
    http://openwall.com/lists/oss-security/2011/03/08/13 mailing-list, x_refsource_MLIST
    https://exchange.xforce.ibmcloud.com/vulnerabilities/65986 vdb-entry, x_refsource_XF
    http://openwall.com/lists/oss-security/2011/03/08/20 mailing-list, x_refsource_MLIST
    Date Public
    2011-03-08 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:27.786Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2011-0990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0990"
              },
              {
                "name": "MDVSA-2011:071",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:071"
              },
              {
                "name": "46789",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46789"
              },
              {
                "name": "44108",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44108"
              },
              {
                "name": "USN-1110-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1110-1"
              },
              {
                "name": "ADV-2011-0913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0913"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://projects.kde.org/projects/kde/kdelibs/repository/revisions/76f935197599a335a5fe09b78751ddb455248cf7"
              },
              {
                "name": "[oss-security] 20110308 KDE SSL name check issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2011/03/08/13"
              },
              {
                "name": "kdelibs-ssl-security-bypass(65986)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65986"
              },
              {
                "name": "[oss-security] 20110308 Re: KDE SSL name check issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2011/03/08/20"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-03-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate Certification Authority for an IP address, a different vulnerability than CVE-2009-2702."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "ADV-2011-0990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0990"
            },
            {
              "name": "MDVSA-2011:071",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:071"
            },
            {
              "name": "46789",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46789"
            },
            {
              "name": "44108",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44108"
            },
            {
              "name": "USN-1110-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1110-1"
            },
            {
              "name": "ADV-2011-0913",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0913"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://projects.kde.org/projects/kde/kdelibs/repository/revisions/76f935197599a335a5fe09b78751ddb455248cf7"
            },
            {
              "name": "[oss-security] 20110308 KDE SSL name check issue",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/03/08/13"
            },
            {
              "name": "kdelibs-ssl-security-bypass(65986)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65986"
            },
            {
              "name": "[oss-security] 20110308 Re: KDE SSL name check issue",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/03/08/20"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-1094",
        "datePublished": "2011-03-16T22:00:00.000Z",
        "dateReserved": "2011-02-24T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:27.786Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4811 (GCVE-0-2006-4811)

    Vulnerability from cvelistv5 – Published: 2006-10-18 17:00 – Updated: 2024-08-07 19:23
    VLAI
    Summary
    Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1017084 vdb-entry, x_refsource_SECTRACK
    http://www.redhat.com/support/errata/RHSA-2006-0725.html vendor-advisory, x_refsource_REDHAT
    http://secunia.com/advisories/22738 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22485 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22586 third-party-advisory, x_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218 vdb-entry, signature, x_refsource_OVAL
    http://secunia.com/advisories/22579 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22520 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22479 third-party-advisory, x_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=MDKSA-2006:186 vendor-advisory, x_refsource_MANDRIVA
    http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733 x_refsource_CONFIRM
    http://secunia.com/advisories/22380 third-party-advisory, x_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-368-1 vendor-advisory, x_refsource_UBUNTU
    ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P vendor-advisory, x_refsource_SGI
    http://www.mandriva.com/security/advisories?name=MDKSA-2006:187 vendor-advisory, x_refsource_MANDRIVA
    http://secunia.com/advisories/22645 third-party-advisory, x_refsource_SECUNIA
    http://www.securityfocus.com/bid/20599 vdb-entry, x_refsource_BID
    ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P vendor-advisory, x_refsource_SGI
    http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742 x_refsource_CONFIRM
    http://security.gentoo.org/glsa/glsa-200703-06.xml vendor-advisory, x_refsource_GENTOO
    http://secunia.com/advisories/24347 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22890 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22397 third-party-advisory, x_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2006-0720.html vendor-advisory, x_refsource_REDHAT
    http://secunia.com/advisories/22929 third-party-advisory, x_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200611-02.xml vendor-advisory, x_refsource_GENTOO
    http://www.us.debian.org/security/2006/dsa-1200 vendor-advisory, x_refsource_DEBIAN
    http://www.vupen.com/english/advisories/2006/4099 vdb-entry, x_refsource_VUPEN
    http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.483634 vendor-advisory, x_refsource_SLACKWARE
    http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html vendor-advisory, x_refsource_SUSE
    http://secunia.com/advisories/22492 third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/22589 third-party-advisory, x_refsource_SECUNIA
    https://issues.rpath.com/browse/RPL-723 x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/449173/100/0/threaded mailing-list, x_refsource_BUGTRAQ
    Date Public
    2006-10-18 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:23:41.159Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1017084",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017084"
              },
              {
                "name": "RHSA-2006:0725",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0725.html"
              },
              {
                "name": "22738",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22738"
              },
              {
                "name": "22485",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22485"
              },
              {
                "name": "22586",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22586"
              },
              {
                "name": "oval:org.mitre.oval:def:10218",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218"
              },
              {
                "name": "22579",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22579"
              },
              {
                "name": "22520",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22520"
              },
              {
                "name": "22479",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22479"
              },
              {
                "name": "MDKSA-2006:186",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:186"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733"
              },
              {
                "name": "22380",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22380"
              },
              {
                "name": "USN-368-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-368-1"
              },
              {
                "name": "20061002-01-P",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P"
              },
              {
                "name": "MDKSA-2006:187",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:187"
              },
              {
                "name": "22645",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22645"
              },
              {
                "name": "20599",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20599"
              },
              {
                "name": "20061101-01-P",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742"
              },
              {
                "name": "GLSA-200703-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200703-06.xml"
              },
              {
                "name": "24347",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24347"
              },
              {
                "name": "22890",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22890"
              },
              {
                "name": "22397",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22397"
              },
              {
                "name": "RHSA-2006:0720",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0720.html"
              },
              {
                "name": "22929",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22929"
              },
              {
                "name": "GLSA-200611-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200611-02.xml"
              },
              {
                "name": "DSA-1200",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.us.debian.org/security/2006/dsa-1200"
              },
              {
                "name": "ADV-2006-4099",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4099"
              },
              {
                "name": "SSA:2006-298-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.483634"
              },
              {
                "name": "SUSE-SA:2006:063",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html"
              },
              {
                "name": "22492",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22492"
              },
              {
                "name": "22589",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22589"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-723"
              },
              {
                "name": "20061018 rPSA-2006-0195-1 kdelibs",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/449173/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "1017084",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017084"
            },
            {
              "name": "RHSA-2006:0725",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0725.html"
            },
            {
              "name": "22738",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22738"
            },
            {
              "name": "22485",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22485"
            },
            {
              "name": "22586",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22586"
            },
            {
              "name": "oval:org.mitre.oval:def:10218",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218"
            },
            {
              "name": "22579",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22579"
            },
            {
              "name": "22520",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22520"
            },
            {
              "name": "22479",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22479"
            },
            {
              "name": "MDKSA-2006:186",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:186"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733"
            },
            {
              "name": "22380",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22380"
            },
            {
              "name": "USN-368-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-368-1"
            },
            {
              "name": "20061002-01-P",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P"
            },
            {
              "name": "MDKSA-2006:187",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:187"
            },
            {
              "name": "22645",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22645"
            },
            {
              "name": "20599",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20599"
            },
            {
              "name": "20061101-01-P",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742"
            },
            {
              "name": "GLSA-200703-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200703-06.xml"
            },
            {
              "name": "24347",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24347"
            },
            {
              "name": "22890",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22890"
            },
            {
              "name": "22397",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22397"
            },
            {
              "name": "RHSA-2006:0720",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0720.html"
            },
            {
              "name": "22929",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22929"
            },
            {
              "name": "GLSA-200611-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200611-02.xml"
            },
            {
              "name": "DSA-1200",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.us.debian.org/security/2006/dsa-1200"
            },
            {
              "name": "ADV-2006-4099",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4099"
            },
            {
              "name": "SSA:2006-298-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.483634"
            },
            {
              "name": "SUSE-SA:2006:063",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html"
            },
            {
              "name": "22492",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22492"
            },
            {
              "name": "22589",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22589"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-723"
            },
            {
              "name": "20061018 rPSA-2006-0195-1 kdelibs",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/449173/100/0/threaded"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-4811",
        "datePublished": "2006-10-18T17:00:00.000Z",
        "dateReserved": "2006-09-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:23:41.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0459 (GCVE-0-2003-0459)

    Vulnerability from cvelistv5 – Published: 2003-08-01 04:00 – Updated: 2024-08-08 01:58
    Summary
    KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner: mitre
    References
    URL — Tags
    http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007300.html — mailing-list, x_refsource_FULLDISC
    http://www.kde.org/info/security/advisory-20030729-1.txt — x_refsource_CONFIRM
    http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 — vendor-advisory, x_refsource_CONECTIVA
    http://www.debian.org/security/2003/dsa-361 — vendor-advisory, x_refsource_DEBIAN
    https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A411 — vdb-entry, signature, x_refsource_OVAL
    http://marc.info/?l=bugtraq&m=105986238428061&w=2 — mailing-list, x_refsource_BUGTRAQ
    http://www.redhat.com/support/errata/RHSA-2003-236.html — vendor-advisory, x_refsource_REDHAT
    http://www.redhat.com/support/errata/RHSA-2003-235.html — vendor-advisory, x_refsource_REDHAT
    http://www.turbolinux.com/security/TLSA-2003-45.txt — vendor-advisory, x_refsource_TURBO
    http://www.mandriva.com/security/advisories?name=MDKSA-2003:079 — vendor-advisory, x_refsource_MANDRAKE
    Date Public
    2003-07-29 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:58:09.652Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030729 KDE Security Advisory: Konqueror Referrer Authentication Leak",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007300.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kde.org/info/security/advisory-20030729-1.txt"
              },
              {
                "name": "CLA-2003:747",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
              },
              {
                "name": "DSA-361",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2003/dsa-361"
              },
              {
                "name": "oval:org.mitre.oval:def:411",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A411"
              },
              {
                "name": "20030802 [slackware-security]  KDE packages updated (SSA:2003-213-01)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=105986238428061\u0026w=2"
              },
              {
                "name": "RHSA-2003:236",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-236.html"
              },
              {
                "name": "RHSA-2003:235",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-235.html"
              },
              {
                "name": "TLSA-2003-45",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TURBO",
                  "x_transferred"
                ],
                "url": "http://www.turbolinux.com/security/TLSA-2003-45.txt"
              },
              {
                "name": "MDKSA-2003:079",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:079"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-07-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the \"user:password@host\" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030729 KDE Security Advisory: Konqueror Referrer Authentication Leak",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007300.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kde.org/info/security/advisory-20030729-1.txt"
            },
            {
              "name": "CLA-2003:747",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
            },
            {
              "name": "DSA-361",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2003/dsa-361"
            },
            {
              "name": "oval:org.mitre.oval:def:411",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A411"
            },
            {
              "name": "20030802 [slackware-security]  KDE packages updated (SSA:2003-213-01)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=105986238428061\u0026w=2"
            },
            {
              "name": "RHSA-2003:236",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-236.html"
            },
            {
              "name": "RHSA-2003:235",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-235.html"
            },
            {
              "name": "TLSA-2003-45",
              "tags": [
                "vendor-advisory",
                "x_refsource_TURBO"
              ],
              "url": "http://www.turbolinux.com/security/TLSA-2003-45.txt"
            },
            {
              "name": "MDKSA-2003:079",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:079"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0459",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the \"user:password@host\" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030729 KDE Security Advisory: Konqueror Referrer Authentication Leak",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007300.html"
                },
                {
                  "name": "http://www.kde.org/info/security/advisory-20030729-1.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.kde.org/info/security/advisory-20030729-1.txt"
                },
                {
                  "name": "CLA-2003:747",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000747"
                },
                {
                  "name": "DSA-361",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2003/dsa-361"
                },
                {
                  "name": "oval:org.mitre.oval:def:411",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A411"
                },
                {
                  "name": "20030802 [slackware-security]  KDE packages updated (SSA:2003-213-01)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=105986238428061\u0026w=2"
                },
                {
                  "name": "RHSA-2003:236",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-236.html"
                },
                {
                  "name": "RHSA-2003:235",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-235.html"
                },
                {
                  "name": "TLSA-2003-45",
                  "refsource": "TURBO",
                  "url": "http://www.turbolinux.com/security/TLSA-2003-45.txt"
                },
                {
                  "name": "MDKSA-2003:079",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:079"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0459",
        "datePublished": "2003-08-01T04:00:00.000Z",
        "dateReserved": "2003-06-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:58:09.652Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }