Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2003-0592

Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.

  • Published: Apr 15, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2003-0592
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
kde / konqueror 3.1.2 3.1.2.x
kde / konqueror 3.0.2 3.0.2.x
kde / konqueror 2.2.2 2.2.2.x
kde / konqueror 3.1 3.1.x
kde / konqueror 3.0 3.0.x
kde / konqueror 3.0.1 3.0.1.x
kde / konqueror 3.0.3 3.0.3.x
kde / konqueror 3.1.1 3.1.1.x
kde / konqueror_embedded 0.1 0.1.x
kde / konqueror 2.1.1 2.1.1.x
kde / konqueror 3.0.5 3.0.5.x