Konqueror in KDE 3.2.3 and previous versions allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kde konqueror 3.1.2 |
||
kde konqueror 3.0.2 |
||
kde konqueror 3.1 |
||
kde konqueror 3.0 |
||
kde konqueror 3.0.1 |
||
kde konqueror 3.0.3 |
||
kde konqueror 3.1.1 |
||
kde konqueror 3.2.3 |
||
kde konqueror 3.0.5b |
||
kde konqueror 3.1.3 |
||
kde konqueror 3.2.1 |
||
kde konqueror 3.1.5 |
||
kde konqueror 3.0.5 |
||
suse suse linux 9.0 |
||
suse suse linux 8.2 |
||
suse suse linux 8 |
||
mandrakesoft mandrake linux 9.2 |
||
suse suse linux 9.1 |
||
kde kde 3.1.3 |
||
gentoo linux 1.4 |
||
mandrakesoft mandrake linux 10.0 |
||
kde kde 3.2 |
||
suse suse linux 8.1 |