Vulnerabilities > CVE-2004-1145
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
Vulnerable Configurations
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-065.NASL description Updated kdelibs packages that resolve security issues in Konqueror are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdelibs packages include libraries for the K Desktop Environment. Two flaws were found in the sandbox environment used to run Java-applets in the Konqueror web browser. If a user has Java enabled in Konqueror and visits a malicious website, the website could run a carefully crafted Java-applet and obtain escalated privileges allowing reading and writing of arbitrary files with the privileges of the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1145 to this issue. A flaw was discovered in the FTP kioslave. KDE applications such as Konqueror could be forced to execute arbitrary FTP commands via a carefully crafted ftp URL. The URL could also be crafted in such a way as to send an arbitrary email via SMTP. An attacker could make use of this flaw if a victim visits a malicious website. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-1165 to this issue. Users should update to these erratum packages which contain backported patches to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 17177 published 2005-02-22 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/17177 title RHEL 4 : kdelibs (RHSA-2005:065) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200501-16.NASL description The remote host is affected by the vulnerability described in GLSA-200501-16 (Konqueror: Java sandbox vulnerabilities) Konqueror contains two errors that allow JavaScript scripts and Java applets to have access to restricted Java classes. Impact : A remote attacker could embed a malicious Java applet in a web page and entice a victim to view it. This applet can then bypass security restrictions and execute any command, or access any file with the rights of the user running Konqueror. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 16407 published 2005-02-14 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/16407 title GLSA-200501-16 : Konqueror: Java sandbox vulnerabilities NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2004-154.NASL description A vulnerability in the Konqueror webbrowser was discovered where an untrusted java applet could escalate privileges (through JavaScript calling into Java code). This includes the reading and writing of files with the privileges of the user running the applet. The provided packages have been patched to correct this problem. last seen 2020-06-01 modified 2020-06-02 plugin id 16035 published 2004-12-23 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16035 title Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:154)
Oval
| accepted | 2013-04-29T04:02:38.878-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| definition_extensions |
| ||||||||||||
| description | Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | ||||||||||||
| family | unix | ||||||||||||
| id | oval:org.mitre.oval:def:10173 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||
| title | Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | ||||||||||||
| version | 26 |
Redhat
| advisories |
| ||||
| rpms |
|
References
- http://marc.info/?l=bugtraq&m=110356286722875&w=2
- http://secunia.com/advisories/13586
- http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml
- http://www.heise.de/security/dienste/browsercheck/tests/java.shtml
- http://www.kb.cert.org/vuls/id/420222
- http://www.kde.org/info/security/advisory-20041220-1.txt
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:154
- http://www.redhat.com/support/errata/RHSA-2005-065.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18596
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173