// For flags

CVE-2003-0459

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.

KDE Konqueror de KDE 3.1.2 y anteriores no elimina los credenciales de autenticación de URLs de la forma "usuario:contraseña@máquina" en la cabecera HTTP-Referer, lo que podría permitir a sitios web remotos robar las credenciales de páginas que enlazan a esos sitios.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2003-06-26 CVE Reserved
  • 2003-08-01 CVE Published
  • 2024-01-10 EPSS Updated
  • 2024-08-08 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Kde
Search vendor "Kde"
Konqueror
Search vendor "Kde" for product "Konqueror"
2.1.1
Search vendor "Kde" for product "Konqueror" and version "2.1.1"
-
Affected
Kde
Search vendor "Kde"
Konqueror
Search vendor "Kde" for product "Konqueror"
2.2.2
Search vendor "Kde" for product "Konqueror" and version "2.2.2"
-
Affected
Kde
Search vendor "Kde"
Konqueror
Search vendor "Kde" for product "Konqueror"
3.0
Search vendor "Kde" for product "Konqueror" and version "3.0"
-
Affected
Kde
Search vendor "Kde"
Konqueror
Search vendor "Kde" for product "Konqueror"
3.0.1
Search vendor "Kde" for product "Konqueror" and version "3.0.1"
-
Affected
Kde
Search vendor "Kde"
Konqueror
Search vendor "Kde" for product "Konqueror"
3.0.2
Search vendor "Kde" for product "Konqueror" and version "3.0.2"
-
Affected
Kde
Search vendor "Kde"
Konqueror
Search vendor "Kde" for product "Konqueror"
3.0.3
Search vendor "Kde" for product "Konqueror" and version "3.0.3"
-
Affected
Kde
Search vendor "Kde"
Konqueror
Search vendor "Kde" for product "Konqueror"
3.0.5
Search vendor "Kde" for product "Konqueror" and version "3.0.5"
-
Affected
Kde
Search vendor "Kde"
Konqueror
Search vendor "Kde" for product "Konqueror"
3.1
Search vendor "Kde" for product "Konqueror" and version "3.1"
-
Affected
Kde
Search vendor "Kde"
Konqueror
Search vendor "Kde" for product "Konqueror"
3.1.1
Search vendor "Kde" for product "Konqueror" and version "3.1.1"
-
Affected
Kde
Search vendor "Kde"
Konqueror
Search vendor "Kde" for product "Konqueror"
3.1.2
Search vendor "Kde" for product "Konqueror" and version "3.1.2"
-
Affected
Kde
Search vendor "Kde"
Konqueror Embedded
Search vendor "Kde" for product "Konqueror Embedded"
0.1
Search vendor "Kde" for product "Konqueror Embedded" and version "0.1"
-
Affected
Redhat
Search vendor "Redhat"
Analog Real-time Synthesizer
Search vendor "Redhat" for product "Analog Real-time Synthesizer"
2.1.1-5
Search vendor "Redhat" for product "Analog Real-time Synthesizer" and version "2.1.1-5"
i386
Affected
Redhat
Search vendor "Redhat"
Analog Real-time Synthesizer
Search vendor "Redhat" for product "Analog Real-time Synthesizer"
2.2-11
Search vendor "Redhat" for product "Analog Real-time Synthesizer" and version "2.2-11"
i386
Affected
Redhat
Search vendor "Redhat"
Analog Real-time Synthesizer
Search vendor "Redhat" for product "Analog Real-time Synthesizer"
2.2-11
Search vendor "Redhat" for product "Analog Real-time Synthesizer" and version "2.2-11"
ia64
Affected
Redhat
Search vendor "Redhat"
Kdebase
Search vendor "Redhat" for product "Kdebase"
3.0.3-13
Search vendor "Redhat" for product "Kdebase" and version "3.0.3-13"
i386
Affected
Redhat
Search vendor "Redhat"
Kdebase
Search vendor "Redhat" for product "Kdebase"
3.0.3-13
Search vendor "Redhat" for product "Kdebase" and version "3.0.3-13"
i386_dev
Affected
Redhat
Search vendor "Redhat"
Kdelibs
Search vendor "Redhat" for product "Kdelibs"
2.1.1-5
Search vendor "Redhat" for product "Kdelibs" and version "2.1.1-5"
i386
Affected
Redhat
Search vendor "Redhat"
Kdelibs
Search vendor "Redhat" for product "Kdelibs"
2.2-11
Search vendor "Redhat" for product "Kdelibs" and version "2.2-11"
i386
Affected
Redhat
Search vendor "Redhat"
Kdelibs
Search vendor "Redhat" for product "Kdelibs"
2.2-11
Search vendor "Redhat" for product "Kdelibs" and version "2.2-11"
ia64
Affected
Redhat
Search vendor "Redhat"
Kdelibs
Search vendor "Redhat" for product "Kdelibs"
3.0.0-10
Search vendor "Redhat" for product "Kdelibs" and version "3.0.0-10"
i386
Affected
Redhat
Search vendor "Redhat"
Kdelibs
Search vendor "Redhat" for product "Kdelibs"
3.1-10
Search vendor "Redhat" for product "Kdelibs" and version "3.1-10"
i386
Affected
Redhat
Search vendor "Redhat"
Kdelibs Devel
Search vendor "Redhat" for product "Kdelibs Devel"
2.1.1-5
Search vendor "Redhat" for product "Kdelibs Devel" and version "2.1.1-5"
i386_dev
Affected
Redhat
Search vendor "Redhat"
Kdelibs Devel
Search vendor "Redhat" for product "Kdelibs Devel"
2.2-11
Search vendor "Redhat" for product "Kdelibs Devel" and version "2.2-11"
i386_dev
Affected
Redhat
Search vendor "Redhat"
Kdelibs Devel
Search vendor "Redhat" for product "Kdelibs Devel"
2.2-11
Search vendor "Redhat" for product "Kdelibs Devel" and version "2.2-11"
ia64_dev
Affected
Redhat
Search vendor "Redhat"
Kdelibs Devel
Search vendor "Redhat" for product "Kdelibs Devel"
3.0.0-10
Search vendor "Redhat" for product "Kdelibs Devel" and version "3.0.0-10"
i386_dev
Affected
Redhat
Search vendor "Redhat"
Kdelibs Devel
Search vendor "Redhat" for product "Kdelibs Devel"
3.0.3-8
Search vendor "Redhat" for product "Kdelibs Devel" and version "3.0.3-8"
i386_dev
Affected
Redhat
Search vendor "Redhat"
Kdelibs Devel
Search vendor "Redhat" for product "Kdelibs Devel"
3.1-10
Search vendor "Redhat" for product "Kdelibs Devel" and version "3.1-10"
i386_dev
Affected
Redhat
Search vendor "Redhat"
Kdelibs Sound
Search vendor "Redhat" for product "Kdelibs Sound"
2.1.1-5
Search vendor "Redhat" for product "Kdelibs Sound" and version "2.1.1-5"
i386_sound
Affected
Redhat
Search vendor "Redhat"
Kdelibs Sound
Search vendor "Redhat" for product "Kdelibs Sound"
2.2-11
Search vendor "Redhat" for product "Kdelibs Sound" and version "2.2-11"
i386_sound
Affected
Redhat
Search vendor "Redhat"
Kdelibs Sound
Search vendor "Redhat" for product "Kdelibs Sound"
2.2-11
Search vendor "Redhat" for product "Kdelibs Sound" and version "2.2-11"
ia64_sound
Affected
Redhat
Search vendor "Redhat"
Kdelibs Sound Devel
Search vendor "Redhat" for product "Kdelibs Sound Devel"
2.1.1-5
Search vendor "Redhat" for product "Kdelibs Sound Devel" and version "2.1.1-5"
i386_sound_dev
Affected
Redhat
Search vendor "Redhat"
Kdelibs Sound Devel
Search vendor "Redhat" for product "Kdelibs Sound Devel"
2.2-11
Search vendor "Redhat" for product "Kdelibs Sound Devel" and version "2.2-11"
i386_sound_dev
Affected
Redhat
Search vendor "Redhat"
Kdelibs Sound Devel
Search vendor "Redhat" for product "Kdelibs Sound Devel"
2.2-11
Search vendor "Redhat" for product "Kdelibs Sound Devel" and version "2.2-11"
ia64_sound_dev
Affected