What is the severity of CVE-2005-4684?

CVE-2005-4684 is classified as a medium severity vulnerability due to its potential to allow remote users to manipulate cookies.

How do I fix CVE-2005-4684?

To fix CVE-2005-4684, ensure that you are using an updated version of KDE Konqueror that addresses this vulnerability.

Which versions of KDE Konqueror are affected by CVE-2005-4684?

CVE-2005-4684 affects multiple versions of KDE Konqueror, specifically version 2.1.1 and later up to 3.3.2.

What types of attacks can exploit CVE-2005-4684?

CVE-2005-4684 can be exploited through cookie manipulation, allowing attackers to create cookies associated with unintended domains.

Who reported CVE-2005-4684?

CVE-2005-4684 was reported in the Fulusdisclosure mailing list and addressed by various security resources in 2005.

Vulnerability/
CVE-2005-4684

medium

6.4

CWE

NVD-CWE-Other

31/12/2005

1/2/2006

7/8/2024

CVE-2005-4684

First published: Sat Dec 31 2005(Updated: )

Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Konqueror	=3.2.2.6
Konqueror	=3.1.2
Konqueror	=3.0.2
Konqueror	=3.3
Konqueror	=2.2.2
Konqueror	=3.1
Konqueror	=3.0
Konqueror	=3.3.1
Konqueror	=3.0.1
Konqueror	=3.0.3
Konqueror	=3.1.1
Konqueror	=2.1.2
Konqueror	=3.2.3
Konqueror	=3.0.5b
Konqueror	=2.2.1
Konqueror	=3.1.3
Konqueror	=0.1
Konqueror	=3.3.2
Konqueror	=3.1.4
Konqueror	=3.2.1
Konqueror	=3.1.5
Konqueror	=2.1.1
Konqueror	=3.0.5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-4684?
CVE-2005-4684 is classified as a medium severity vulnerability due to its potential to allow remote users to manipulate cookies.
How do I fix CVE-2005-4684?
To fix CVE-2005-4684, ensure that you are using an updated version of KDE Konqueror that addresses this vulnerability.
Which versions of KDE Konqueror are affected by CVE-2005-4684?
CVE-2005-4684 affects multiple versions of KDE Konqueror, specifically version 2.1.1 and later up to 3.3.2.
What types of attacks can exploit CVE-2005-4684?
CVE-2005-4684 can be exploited through cookie manipulation, allowing attackers to create cookies associated with unintended domains.
Who reported CVE-2005-4684?
CVE-2005-4684 was reported in the Fulusdisclosure mailing list and addressed by various security resources in 2005.

agent/type
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/references
agent/author
agent/last-modified-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/softwarecombine
vendor/kde
canonical/konqueror
version/konqueror/3.2.2.6
version/konqueror/3.1.2
version/konqueror/3.0.2
version/konqueror/3.3
version/konqueror/2.2.2
version/konqueror/3.1
version/konqueror/3.0
version/konqueror/3.3.1
version/konqueror/3.0.1
version/konqueror/3.0.3
version/konqueror/3.1.1
version/konqueror/2.1.2
version/konqueror/3.2.3
version/konqueror/3.0.5b
version/konqueror/2.2.1
version/konqueror/3.1.3
version/konqueror/0.1
version/konqueror/3.3.2
version/konqueror/3.1.4
version/konqueror/3.2.1
version/konqueror/3.1.5
version/konqueror/2.1.1
version/konqueror/3.0.5