Launchpad.net

CVE 2004-1158

Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.

Related bugs and status

CVE-2004-1158 (Candidate) is related to these bugs:

Bug #11326: kdelibs: CAN-2004-1145: Konqueror Java Vulnerability

Summary				In	Importance	Status
	11326	kdelibs: CAN-2004-1145: Konqueror Java Vulnerability		kdelibs (Ubuntu)	High	Fix Released
	11326	kdelibs: CAN-2004-1145: Konqueror Java Vulnerability		kdelibs (Debian)	Unknown	Fix Released

Bug #11467: KIOSlave FTP client can be made to send email

Summary				In	Importance	Status
	11467	KIOSlave FTP client can be made to send email		kdelibs (Ubuntu)	High	Invalid
	11467	KIOSlave FTP client can be made to send email		kdelibs (Debian)	Unknown	Fix Released

Bug #11565: CAN-2004-1165: FTP command injection bug

Summary				In	Importance	Status
	11565	CAN-2004-1165: FTP command injection bug		kdelibs (Ubuntu)	High	Fix Released
	11565	CAN-2004-1165: FTP command injection bug		kdelibs (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2004-1158

Related bugs and status

Related bugs

References