| Definition Id: oval:org.mitre.oval:def:823 |
Version: 2
Last Modified: 2007-04-10
|
| Title: |
Konqueror Cookie Access Restrictions Bypass Vulnerability |
| Description: |
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. |
| Family: |
unix |
Class: |
vulnerability |
| Status: |
ACCEPTED |
Reference(s): |
CVE-2003-0592
|
| Platform(s): |
Red Hat Linux 9 |
Product(s): |
KDE |
| Definition Synopsis: |
- Software section
- AND Configuration section
- /usr/bin/konqueror is executable
|
