CVE
- Id
- 8839
- CVE No.
- CVE-2004-0411
- Status
- Candidate
- Description
- The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.
- Phase
- Assigned (20040416)
- Votes
- None (candidate not yet proposed)
- Comments
Related CVE References
| Id | CVE Id | CVE No. | Reference | Actions |
|---|---|---|---|---|
| 56081 | 8839 | CVE-2004-0411 | BUGTRAQ:20040513 Opera Telnet URI Handler Vulnerability also applies to other browsers | View |
| 56082 | 8839 | CVE-2004-0411 | URL:http://www.securityfocus.com/archive/1/363225 | View |
| 56083 | 8839 | CVE-2004-0411 | BUGTRAQ:20040517 KDE Security Advisory: URI Handler Vulnerabilities | View |
| 56084 | 8839 | CVE-2004-0411 | URL:http://marc.info/?l=bugtraq&m=108481412427344&w=2 | View |
| 56085 | 8839 | CVE-2004-0411 | CONFIRM:http://www.kde.org/info/security/advisory-20040517-1.txt | View |
| 56086 | 8839 | CVE-2004-0411 | CONECTIVA:CLA-2004:843 | View |
| 56087 | 8839 | CVE-2004-0411 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000843 | View |
| 56088 | 8839 | CVE-2004-0411 | DEBIAN:DSA-518 | View |
| 56089 | 8839 | CVE-2004-0411 | URL:http://www.debian.org/security/2004/dsa-518 | View |
| 56090 | 8839 | CVE-2004-0411 | FEDORA:FEDORA-2004-121 | View |
| 56091 | 8839 | CVE-2004-0411 | URL:http://www.securityfocus.com/advisories/6717 | View |
| 56092 | 8839 | CVE-2004-0411 | FEDORA:FEDORA-2004-122 | View |
| 56093 | 8839 | CVE-2004-0411 | URL:http://www.securityfocus.com/advisories/6743 | View |
| 56094 | 8839 | CVE-2004-0411 | GENTOO:GLSA-200405-11 | View |
| 56095 | 8839 | CVE-2004-0411 | URL:http://security.gentoo.org/glsa/glsa-200405-11.xml | View |
| 56096 | 8839 | CVE-2004-0411 | REDHAT:RHSA-2004:222 | View |
| 56097 | 8839 | CVE-2004-0411 | URL:http://www.redhat.com/support/errata/RHSA-2004-222.html | View |
| 56098 | 8839 | CVE-2004-0411 | SUSE:SuSE-SA:2003:014 | View |
| 56099 | 8839 | CVE-2004-0411 | URL:http://www.novell.com/linux/security/advisories/2004_14_kdelibs.html | View |
| 56100 | 8839 | CVE-2004-0411 | SLACKWARE:SSA:2004-238 | View |
| 56101 | 8839 | CVE-2004-0411 | URL:http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.362635 | View |
| 56102 | 8839 | CVE-2004-0411 | CIAC:O-146 | View |
| 56103 | 8839 | CVE-2004-0411 | URL:http://www.ciac.org/ciac/bulletins/o-146.shtml | View |
| 56104 | 8839 | CVE-2004-0411 | BID:10358 | View |
| 56105 | 8839 | CVE-2004-0411 | URL:http://www.securityfocus.com/bid/10358 | View |
| 56106 | 8839 | CVE-2004-0411 | OSVDB:6107 | View |
| 56107 | 8839 | CVE-2004-0411 | URL:http://www.osvdb.org/6107 | View |
| 56108 | 8839 | CVE-2004-0411 | OVAL:oval:org.mitre.oval:def:954 | View |
| 56109 | 8839 | CVE-2004-0411 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:954 | View |
| 56110 | 8839 | CVE-2004-0411 | SECUNIA:11602 | View |
| 56111 | 8839 | CVE-2004-0411 | URL:http://secunia.com/advisories/11602 | View |
| 56112 | 8839 | CVE-2004-0411 | XF:kde-url-handler-gain-access(16163) | View |
Related JVN
| Id | JVN No. | Title | Summary | CVE No. | CVE Id | CVSS_v2 | CVSS_v3 | JVN URL | Actions |
|---|---|---|---|---|---|---|---|---|---|
| 62866 | JVNDB-2004-000208 | GNU Mailman におけるユーザのパスワード情報が漏洩する脆弱性 | GNU Mailman には、セキュリティ上の不備のため、第三者にメーリングリストメンバのパスワードが漏洩してしまう脆弱性が存在します。 | CVE-2004-0412 | 8839 | 5 | http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000208.html | View |
