Vulnerability Details CVE-2004-0721
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864
- http://marc.info/?l=bugtraq&m=109225538901170&w=2
- http://secunia.com/advisories/11978
- http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
- http://security.gentoo.org/glsa/glsa-200408-13.xml
- http://www.kde.org/info/security/advisory-20040811-3.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/1598
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11371
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864
- http://marc.info/?l=bugtraq&m=109225538901170&w=2
- http://secunia.com/advisories/11978
- http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
- http://security.gentoo.org/glsa/glsa-200408-13.xml
- http://www.kde.org/info/security/advisory-20040811-3.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/1598
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11371