CVE-2003-0459
published 2003-08-27CVE-2003-0459: KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which…
medium5CVSS 3.1
AVNACLAuNCPINAN
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kde | konqueror | — | — |
| kde | konqueror | — | — |
| kde | konqueror | — | — |
| kde | konqueror | — | — |
| kde | konqueror | — | — |
| kde | konqueror | — | — |
| kde | konqueror | — | — |
| kde | konqueror | — | — |
| kde | konqueror | — | — |
| kde | konqueror | — | — |
| kde | konqueror_embedded | — | — |
| redhat | analog_real-time_synthesizer | — | — |
| redhat | analog_real-time_synthesizer | — | — |
| redhat | kdebase | — | — |
| redhat | kdelibs | — | — |
| redhat | kdelibs | — | — |
| redhat | kdelibs | — | — |
| redhat | kdelibs | — | — |
| redhat | kdelibs_devel | — | — |
| redhat | kdelibs_devel | — | — |
| redhat | kdelibs_devel | — | — |
| redhat | kdelibs_devel | — | — |
| redhat | kdelibs_devel | — | — |
| redhat | kdelibs_sound | — | — |
| redhat | kdelibs_sound | — | — |