CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0721
https://notcve.org/view.php?id=CVE-2004-0721
23 Jul 2004 — Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. Konqueror 3.1.3, 3.2.2, y posiblemente otras versiones no previenen adecuadamente que un marco de un dominio inyecte contenido en un marco que pertenece a otro dominio, lo que facilita la suplantación de sitios web y otros ataques. Vulnerabilidad tam... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 •
CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 0CVE-2004-0411
https://notcve.org/view.php?id=CVE-2004-0411
20 May 2004 — The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code. Los manejadores de URI en Konqueror de KDE 3.2.2 y anteriores no filtran adecuadamente caractéres "-" en el inicio de un nombre de máquina en URIs (1) telnet, (2) rlogin, (3) ssh,... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000843 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •