Kde: >> Konqueror >> 3.2.2 Security Vulnerabilities
KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument.
CVSS Score
2.6
EPSS Score
0.056
Published
2006-07-18
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVSS Score
7.5
EPSS Score
0.008
Published
2004-07-27