Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
KDE Konqueror 输入验证错误漏洞
Vulnerability Description
KDE Konqueror是用于任何类型的文件管理和文件预览。 KDE Konqueror 存在输入验证错误漏洞。KDE包含的各种URI处理器存在漏洞在系统上建立或截断文件,执行命令等操作。KDE包含的telnet、rlogin、 ssh和mailto URI处理器没有对主机名前的-字符串进行检查,可能传递一个选项给此处理器启动的程序。攻击者可以诱使用户打开一个特殊构建的telnet URI,可以用户进程在系统上建立或截断系统文件。攻击者以诱使用户打开一个特殊构建的mailto URI,可启动KMail程
CVSS Information
N/A
Vulnerability Type
N/A