Vulnerabilities > KDE > Konqueror > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-17 | CVE-2007-3820 | Unspecified vulnerability in KDE Konqueror 3.5.7 konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed. | 2.6 |
2007-01-29 | CVE-2007-0537 | Cross-Site Scripting vulnerability in KDE Konqueror 3.5.5 The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478. | 2.6 |
2006-07-18 | CVE-2006-3672 | Denial Of Service vulnerability in KDE Konqueror ReplaceChild KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument. | 2.6 |