Vulnerabilities > KDE > Konqueror > 3.2.2.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-07-18 | CVE-2006-3672 | Denial Of Service vulnerability in KDE Konqueror ReplaceChild KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument. | 2.6 |
2005-12-31 | CVE-2005-4684 | Unspecified vulnerability in KDE Konqueror Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site. | 6.4 |
2005-01-10 | CVE-2004-1158 | Remote Window Hijacking vulnerability in KDE Konqueror Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | 7.5 |