Information disclosure in Kde Konqueror

CVE-2007-1564

The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV…

Vulnerability class: Information Disclosure

EPSS: 0.038 (88.6th percentile) — read the EPSS interpretation.

Affected products

Kde Konqueror — versions 3.5.5
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (x_refsource_UBUNTU, vendor-advisory)
cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
cve@mitre.org (vendor-advisory, x_refsource_SUSE)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK)