Window Injection Vulnerability in Konqueror by KDE
CVE-2004-1158

Currently unrated

Key Information:

Vendor: Kde
Status: Konqueror
Vendor: CVE Published:; 10 January 2005

What is CVE-2004-1158?

The vulnerability allows remote attackers to spoof arbitrary websites by injecting content from one browser window into another targeted window or tab with a known name, despite existing in different domains. This can be exploited through pop-up windows on trusted sites, posing a significant security risk by misleading users into believing they are interacting with a legitimate page.

References

http://secunia.com/advisories/13486

third-party-advisoryx_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://secunia.com/advisories/13254

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Dec 8, 2004

CVE-2004-1158 Data

JSON

Kde

What is CVE-2004-1158?

References

Timeline