Kde Konqueror
35 CVEs affecting Kde Konqueror. Latest disclosed: 2020-02-08. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2012-4512 | High | 8.8 | 2020-02-08 | The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a… |
CVE-2009-4976 | | 2010-08-02 | Cross-site scripting (XSS) vulnerability in webkitpart.cpp in kwebkitpart allows remote attackers to inject arbitrary web script or HTML via a URL associated w… | |
CVE-2009-2537 | | 2009-07-20 | KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a… | |
CVE-2008-5712 | | 2008-12-24 | The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element… | |
CVE-2008-5698 | | 2008-12-22 | HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid docum… | |
CVE-2008-4382 | | 2008-10-02 | Konqueror in KDE 3.5.9 allows remote attackers to cause a denial of service (application crash) via Javascript that calls the alert function with a URL-encoded… | |
CVE-2007-6591 | | 2007-12-28 | KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as a… | |
CVE-2007-6000 | | 2007-11-15 | KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service (crash) via large HTTP cookie parameters. | |
CVE-2007-4229 | | 2007-08-08 | Unspecified vulnerability in KDE Konqueror 3.5.7 and earlier allows remote attackers to cause a denial of service (failed assertion and application crash) via… | |
CVE-2007-4225 | | 2007-08-08 | Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace i… | |
CVE-2007-4224 | | 2007-08-08 | KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. | |
CVE-2007-3820 | | 2007-07-17 | konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, wh… | |
CVE-2007-3143 | | 2007-06-11 | Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname… | |
CVE-2007-2164 | | 2007-04-22 | Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial of service (browser crash or abort) via JavaScript that matches a regular expression aga… | |
CVE-2007-1565 | | 2007-03-21 | Konqueror 3.5.5 allows remote attackers to cause a denial of service (crash) by using JavaScript to read a child iframe having an ftp:// URI. | |
CVE-2007-1564 | | 2007-03-21 | The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtai… | |
CVE-2007-1308 | | 2007-03-07 | ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the con… | |
CVE-2007-0537 | | 2007-01-29 | The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scriptin… | |
CVE-2006-3672 | | 2006-07-18 | KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, wh… | |
CVE-2005-4684 | | 2005-12-31 | Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a… |