Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=110356286722875&w=2 | |
http://secunia.com/advisories/13586 | Patch Vendor Advisory |
http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml | Patch Vendor Advisory |
http://www.heise.de/security/dienste/browsercheck/tests/java.shtml | Vendor Advisory |
http://www.kb.cert.org/vuls/id/420222 | Patch Third Party Advisory US Government Resource |
http://www.kde.org/info/security/advisory-20041220-1.txt | Patch Vendor Advisory |
http://www.mandriva.com/security/advisories?name=MDKSA-2004:154 | |
http://www.redhat.com/support/errata/RHSA-2005-065.html | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/18596 | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2004-12-31T05:00:00
Updated: 2017-10-10T00:57:01
Reserved: 2004-12-06T00:00:00
Link: CVE-2004-1145
JSON object: View
NVD Information
Status : Modified
Published: 2004-12-15T05:00:00.000
Modified: 2017-10-11T01:29:42.387
Link: CVE-2004-1145
JSON object: View
Redhat Information
No data.
CWE