CVE-2007-3143
Published 2007-06-11
CVE-2007-3143: Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname…
Priority P4 · 29 · medium · 6.4 · CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS
1.99%
78.1th percentile
Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kde | konqueror | — | — |
CVSS provenance
nvd · v2.0 · 6.4 · MEDIUM · AV:N/AC:L/Au:N/C:P/I:P/A:N
vendor_redhat · 6.4 · MEDIUM
GHSA
GHSA-8q49-xx2f-95qc: Visual truncation vulnerability in Konqueror 3
ghsa_unreviewed·2022-05-01
CVE-2007-3143 [MEDIUM] GHSA-8q49-xx2f-95qc: Visual truncation vulnerability in Konqueror 3
Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.
Red Hat
konqueror visual hostname truncation in HTTP authentication dialog
vendor_redhat·2007-06-06·CVSS 6.4
CVE-2007-3143 [MEDIUM] CWE-222 konqueror visual hostname truncation in HTTP authentication dialog
Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.
Statement: Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Package: kdebase (Red Hat Enterprise Linux 4) - Will not fix
Package: kdebase (Red Hat Enterprise Linux 5) - Will not fix
Package: kdebase (Red Hat Ent
No detection rules found.
No public exploits indexed.
http://osvdb.org/43465
http://testing.bitsploit.de/test.html
http://www.0x000000.com/?i=334
http://www.securityfocus.com/bid/24352
https://exchange.xforce.ibmcloud.com/vulnerabilities/34983
2007-06-11
Published