Java Class Access Vulnerability in Konqueror by KDE
CVE-2004-1145

Currently unrated

Key Information:

Vendor: Ethereal Group
Status: Ethereal; Linux; Propack
Vendor: CVE Published:; 15 December 2004

🔔 Create Ethereal Group Vulnerability Alert

What is CVE-2004-1145?

Multiple vulnerabilities in the Konqueror web browser affect KDE versions up to 3.3.1. The first vulnerability allows access to restricted Java classes via JavaScript, while the second fails to properly restrict access to certain Java classes from Java applets. This can enable remote attackers to circumvent sandbox restrictions, potentially allowing them to read or write arbitrary files on the user's system. This poses significant risks, as malicious actors can exploit these vulnerabilities to gain unauthorized access to sensitive information.

References

http://www.redhat.com/support/errata/RHSA-2005-065.html

vendor-advisoryx_refsource_REDHAT

http://marc.info/?l=bugtraq&m=110356286722875&w=2

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/18596

vdb-entryx_refsource_XF

EPSS Score

6% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 15, 2004
Vulnerability Reserved
Dec 6, 2004