Vulnerability in Kde Konqueror

CVE-2003-0592

Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send t…

EPSS: 0.044 (90.1th percentile) — read the EPSS interpretation.

Affected products

Kde Konqueror — versions 2.1.1, 2.2.2, 3.0
Kde Konqueror_embedded — versions 0.1
N/a — versions n/a

References

cve@mitre.org (mailing-list, x_refsource_FULLDISC)
cve@mitre.org (Vendor Advisory, mailing-list, x_refsource_VULNWATCH, Exploit)
cve@mitre.org (vendor-advisory, Patch, x_refsource_DEBIAN, Vendor Advisory)
cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)