CVE-2004-1145
published 2004-12-15CVE-2004-1145: Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict…
PriorityP429medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
4.13%
89.6th percentile
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
Affected
40 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| altlinux | alt_linux | — | — |
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| debian | debian_linux | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2004-12-20·CVSS 5.0
CVE-2004-1145 [MEDIUM] security flaw
security flaw
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
GHSA
GHSA-95hh-399q-cvw3: Multiple vulnerabilities in Konqueror in KDE 3
ghsa_unreviewed·2022-04-29
CVE-2004-1145 [MEDIUM] GHSA-95hh-399q-cvw3: Multiple vulnerabilities in Konqueror in KDE 3
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
No detection rules found.
No public exploits indexed.
http://marc.info/?l=bugtraq&m=110356286722875&w=2http://secunia.com/advisories/13586http://www.gentoo.org/security/en/glsa/glsa-200501-16.xmlhttp://www.heise.de/security/dienste/browsercheck/tests/java.shtmlhttp://www.kb.cert.org/vuls/id/420222http://www.kde.org/info/security/advisory-20041220-1.txthttp://www.mandriva.com/security/advisories?name=MDKSA-2004:154http://www.redhat.com/support/errata/RHSA-2005-065.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/18596https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173http://marc.info/?l=bugtraq&m=110356286722875&w=2http://secunia.com/advisories/13586http://www.gentoo.org/security/en/glsa/glsa-200501-16.xmlhttp://www.heise.de/security/dienste/browsercheck/tests/java.shtmlhttp://www.kb.cert.org/vuls/id/420222http://www.kde.org/info/security/advisory-20041220-1.txthttp://www.mandriva.com/security/advisories?name=MDKSA-2004:154http://www.redhat.com/support/errata/RHSA-2005-065.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/18596https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173
2004-12-15
Published