CVE-2002-1152 — Vulnetix

Try Vulnetix Request Demo

CVE-2002-1152 PUBLISHED CVSS 7.5 HIGH

Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing.

EPSS 1.43% · 80.5th percentile

Risk Scores

CVSS v2.0

7.5

EPSS Score

1.43%

80.5th percentile

Affected Products

Vendor	Product	Versions
kde	kde	3.0, 3.0.1, 3.0.2
n/a	n/a	*

Timeline

Oct 11, 2002 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

RHSA-2002:220 vendor-advisory
http://www.kde.org/info/security/advisory-20020908-1.txt url
5691 vdb
20020910 KDE Security Advisory: Secure Cookie Vulnerability mailing-list
kde-konqueror-cookie-hijacking(10083) vdb
https://nvd.nist.gov/vuln/detail/CVE-2002-1152 advisory

Open in Interactive Console →