CVE-2004-0721

6 documents5 sources
Severity
7.5HIGH
EPSS
0.8%
top 26.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
KDE Konqueror
Timeline
PublishedJul 27
Latest updateApr 29

Description

Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDkde/konqueror3.1.3, 3.2.2+1

🔴Vulnerability Details

2
GHSA
GHSA-5w5x-24p6-895v: Konqueror 32022-04-29
CVEList
CVE-2004-0721: Konqueror 32004-07-23

📋Vendor Advisories

1
Red Hat
security flaw2004-07-01

💬Community

1
Bugzilla
CVE-2004-0721 security flaw2018-08-16
CVE-2004-0721 (HIGH CVSS 7.5) | Konqueror 3.1.3 | cvebase.io