Описание
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.
Ссылки
- Broken Link
- Mailing ListThird Party Advisory
- Broken Link
- Third Party Advisory
- Broken Link
- Third Party Advisory
- PatchVendor Advisory
- Broken Link
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.362635Broken Link
- Third Party AdvisoryVDB Entry
- Broken LinkTool Signature
- Broken Link
- Mailing ListThird Party Advisory
- Broken Link
Уязвимые конфигурации
EPSS
7.5 High
CVSS2
Дефекты
Связанные уязвимости
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properl ...
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.
EPSS
7.5 High
CVSS2