5

CVE-2004-1145

EPSS 6.72%
Published 15.12.2004 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Ethereal Group ≫ Ethereal Version0.9

Ethereal Group ≫ Ethereal Version0.9.1

Ethereal Group ≫ Ethereal Version0.9.2

Ethereal Group ≫ Ethereal Version0.9.3

Ethereal Group ≫ Ethereal Version0.9.4

Ethereal Group ≫ Ethereal Version0.9.5

Ethereal Group ≫ Ethereal Version0.9.6

Ethereal Group ≫ Ethereal Version0.9.7

Ethereal Group ≫ Ethereal Version0.9.8

Ethereal Group ≫ Ethereal Version0.9.9

Ethereal Group ≫ Ethereal Version0.9.10

Ethereal Group ≫ Ethereal Version0.9.11

Ethereal Group ≫ Ethereal Version0.9.12

Ethereal Group ≫ Ethereal Version0.9.13

Ethereal Group ≫ Ethereal Version0.9.14

Ethereal Group ≫ Ethereal Version0.9.15

Ethereal Group ≫ Ethereal Version0.9.16

Ethereal Group ≫ Ethereal Version0.10

Ethereal Group ≫ Ethereal Version0.10.1

Ethereal Group ≫ Ethereal Version0.10.2

Ethereal Group ≫ Ethereal Version0.10.3

Ethereal Group ≫ Ethereal Version0.10.4

Ethereal Group ≫ Ethereal Version0.10.5

Ethereal Group ≫ Ethereal Version0.10.6

Ethereal Group ≫ Ethereal Version0.10.7

Sgi ≫ Propack Version3.0

Conectiva ≫ Linux Version9.0

Conectiva ≫ Linux Version10.0

Altlinux ≫ Alt Linux Version2.3 Editioncompact

Altlinux ≫ Alt Linux Version2.3 Editionjunior

Debian ≫ Debian Linux Version3.0 Editionalpha

Debian ≫ Debian Linux Version3.0 Editionarm

Debian ≫ Debian Linux Version3.0 Editionhppa

Debian ≫ Debian Linux Version3.0 Editionia-32

Debian ≫ Debian Linux Version3.0 Editionia-64

Debian ≫ Debian Linux Version3.0 Editionm68k

Debian ≫ Debian Linux Version3.0 Editionmips

Debian ≫ Debian Linux Version3.0 Editionmipsel

Debian ≫ Debian Linux Version3.0 Editionppc

Debian ≫ Debian Linux Version3.0 Editions-390

Debian ≫ Debian Linux Version3.0 Editionsparc

Redhat ≫ Enterprise Linux Version2.1 Editionadvanced_server

Redhat ≫ Enterprise Linux Version2.1 Editionadvanced_server_ia64

Redhat ≫ Enterprise Linux Version2.1 Editionenterprise_server

Redhat ≫ Enterprise Linux Version2.1 Editionenterprise_server_ia64

Redhat ≫ Enterprise Linux Version2.1 Editionworkstation

Redhat ≫ Enterprise Linux Version2.1 Editionworkstation_ia64

Redhat ≫ Enterprise Linux Version3.0 Editionadvanced_server

Redhat ≫ Enterprise Linux Version3.0 Editionenterprise_server

Redhat ≫ Enterprise Linux Version3.0 Editionworkstation_server

Redhat ≫ Enterprise Linux Desktop Version3.0

Redhat ≫ Linux Advanced Workstation Version2.1 Editionia64

Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium_processor

Suse ≫ Suse Linux Version8.0

Suse ≫ Suse Linux Version8.0 Editioni386

Suse ≫ Suse Linux Version8.1

Suse ≫ Suse Linux Version8.2

Suse ≫ Suse Linux Version9.0

Suse ≫ Suse Linux Version9.0 Editionx86_64

Suse ≫ Suse Linux Version9.1

Suse ≫ Suse Linux Version9.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.72%	0.903

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://marc.info/?l=bugtraq&m=110356286722875&w=2

http://secunia.com/advisories/13586

Patch

Vendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml

Patch

Vendor Advisory

http://www.heise.de/security/dienste/browsercheck/tests/java.shtml

Vendor Advisory

http://www.kb.cert.org/vuls/id/420222

Patch

Third Party Advisory

US Government Resource

http://www.kde.org/info/security/advisory-20041220-1.txt

Patch

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2004:154

http://www.redhat.com/support/errata/RHSA-2005-065.html

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/18596

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173

https://nvd.nist.gov/vuln/detail/CVE-2004-1145

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1145

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1145

EUVD