5

CVE-2004-1145

EPSS 6.72%
Veröffentlicht 15.12.2004 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ethereal Group ≫ Ethereal Version0.9

Ethereal Group ≫ Ethereal Version0.9.1

Ethereal Group ≫ Ethereal Version0.9.2

Ethereal Group ≫ Ethereal Version0.9.3

Ethereal Group ≫ Ethereal Version0.9.4

Ethereal Group ≫ Ethereal Version0.9.5

Ethereal Group ≫ Ethereal Version0.9.6

Ethereal Group ≫ Ethereal Version0.9.7

Ethereal Group ≫ Ethereal Version0.9.8

Ethereal Group ≫ Ethereal Version0.9.9

Ethereal Group ≫ Ethereal Version0.9.10

Ethereal Group ≫ Ethereal Version0.9.11

Ethereal Group ≫ Ethereal Version0.9.12

Ethereal Group ≫ Ethereal Version0.9.13

Ethereal Group ≫ Ethereal Version0.9.14

Ethereal Group ≫ Ethereal Version0.9.15

Ethereal Group ≫ Ethereal Version0.9.16

Ethereal Group ≫ Ethereal Version0.10

Ethereal Group ≫ Ethereal Version0.10.1

Ethereal Group ≫ Ethereal Version0.10.2

Ethereal Group ≫ Ethereal Version0.10.3

Ethereal Group ≫ Ethereal Version0.10.4

Ethereal Group ≫ Ethereal Version0.10.5

Ethereal Group ≫ Ethereal Version0.10.6

Ethereal Group ≫ Ethereal Version0.10.7

Sgi ≫ Propack Version3.0

Conectiva ≫ Linux Version9.0

Conectiva ≫ Linux Version10.0

Altlinux ≫ Alt Linux Version2.3 Editioncompact

Altlinux ≫ Alt Linux Version2.3 Editionjunior

Debian ≫ Debian Linux Version3.0 Editionalpha

Debian ≫ Debian Linux Version3.0 Editionarm

Debian ≫ Debian Linux Version3.0 Editionhppa

Debian ≫ Debian Linux Version3.0 Editionia-32

Debian ≫ Debian Linux Version3.0 Editionia-64

Debian ≫ Debian Linux Version3.0 Editionm68k

Debian ≫ Debian Linux Version3.0 Editionmips

Debian ≫ Debian Linux Version3.0 Editionmipsel

Debian ≫ Debian Linux Version3.0 Editionppc

Debian ≫ Debian Linux Version3.0 Editions-390

Debian ≫ Debian Linux Version3.0 Editionsparc

Redhat ≫ Enterprise Linux Version2.1 Editionadvanced_server

Redhat ≫ Enterprise Linux Version2.1 Editionadvanced_server_ia64

Redhat ≫ Enterprise Linux Version2.1 Editionenterprise_server

Redhat ≫ Enterprise Linux Version2.1 Editionenterprise_server_ia64

Redhat ≫ Enterprise Linux Version2.1 Editionworkstation

Redhat ≫ Enterprise Linux Version2.1 Editionworkstation_ia64

Redhat ≫ Enterprise Linux Version3.0 Editionadvanced_server

Redhat ≫ Enterprise Linux Version3.0 Editionenterprise_server

Redhat ≫ Enterprise Linux Version3.0 Editionworkstation_server

Redhat ≫ Enterprise Linux Desktop Version3.0

Redhat ≫ Linux Advanced Workstation Version2.1 Editionia64

Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium_processor

Suse ≫ Suse Linux Version8.0

Suse ≫ Suse Linux Version8.0 Editioni386

Suse ≫ Suse Linux Version8.1

Suse ≫ Suse Linux Version8.2

Suse ≫ Suse Linux Version9.0

Suse ≫ Suse Linux Version9.0 Editionx86_64

Suse ≫ Suse Linux Version9.1

Suse ≫ Suse Linux Version9.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	6.72%	0.903

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://marc.info/?l=bugtraq&m=110356286722875&w=2

http://secunia.com/advisories/13586

Patch

Vendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml

Patch

Vendor Advisory

http://www.heise.de/security/dienste/browsercheck/tests/java.shtml

Vendor Advisory

http://www.kb.cert.org/vuls/id/420222

Patch

Third Party Advisory

US Government Resource

http://www.kde.org/info/security/advisory-20041220-1.txt

Patch

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2004:154

http://www.redhat.com/support/errata/RHSA-2005-065.html

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/18596

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173

https://nvd.nist.gov/vuln/detail/CVE-2004-1145

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1145

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1145

EUVD