Description
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
CVSS Metrics
- Vector
- AV:N/AC:L/Au:N/C:N/I:P/A:N
- Access Vector
- network
- Access Cmplx
- low
- Auth
- none
- Confidentiality
- none
- Integrity
- partial
- Availability
- none
- Weaknesses
- NVD-CWE-Other
Metadata
- Primary Vendor
- ETHEREAL_GROUP
- Published
- 12/15/2004
- Last Modified
- 4/3/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
ethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealethereal_group : etherealsgi : propackconectiva : linuxconectiva : linuxaltlinux : alt_linuxaltlinux : alt_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linux_desktopredhat : linux_advanced_workstationredhat : linux_advanced_workstationsuse : suse_linuxsuse : suse_linuxsuse : suse_linuxsuse : suse_linuxsuse : suse_linuxsuse : suse_linuxsuse : suse_linuxsuse : suse_linux
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.