Vulnerabilities

CVE-2003-0459

by Fred · 01/08/2003

KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.

Date published : 2003-08-01

http://marc.info/?l=bugtraq&m=105986238428061&w=2

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747

Similar

Tags: Cybersecurity Alert