DescriptionKonqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SR:2004:004, published Thursday, Dec 16th 2004 12:00 MEST
- SUSE-SR:2004:005, published Tuesday, Dec 21th 2004 15:00 MEST
- SUSE-SR:2005:001, published Wednesday, Jan 12th 2004 18:00 MEST
- SUSE-SR:2005:003, published Wednesday, Feb 4th 2005 15:00 MEST
SUSE Timeline for this CVECVE page created: Fri Jun 28 01:05:14 2013
CVE page last modified: Fri Oct 7 12:45:29 2022