{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-06-06T00:00:00", "descriptions": [{"lang": "en", "value": "Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "24352", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24352"}, {"name": "43465", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/43465"}, {"name": "multiple-basic-authentication-spoofing(34983)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"}, {"tags": ["x_refsource_MISC"], "url": "http://testing.bitsploit.de/test.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.0x000000.com/?i=334"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3143", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "24352", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24352"}, {"name": "43465", "refsource": "OSVDB", "url": "http://osvdb.org/43465"}, {"name": "multiple-basic-authentication-spoofing(34983)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"}, {"name": "http://testing.bitsploit.de/test.html", "refsource": "MISC", "url": "http://testing.bitsploit.de/test.html"}, {"name": "http://www.0x000000.com/?i=334", "refsource": "MISC", "url": "http://www.0x000000.com/?i=334"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:05:28.649Z"}, "title": "CVE Program Container", "references": [{"name": "24352", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24352"}, {"name": "43465", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/43465"}, {"name": "multiple-basic-authentication-spoofing(34983)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://testing.bitsploit.de/test.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.0x000000.com/?i=334"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3143", "datePublished": "2007-06-11T18:00:00", "dateReserved": "2007-06-11T00:00:00", "dateUpdated": "2024-08-07T14:05:28.649Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kde:konqueror:3.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "B8920C38-1362-48FA-91AB-77E17F43CF82", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication."}, {"lang": "es", "value": "Vulnerabilidad de truncamiento visual en Konqueror 3.5.5 permite a atacantes remotos envenenar la barra de direcci\u00f3n y posiblemente realizar ataques de phishing a trav\u00e9s de un nombre de host largo, el cual est\u00e1 truncado despu\u00e9s de un cierto n\u00famero de caracteres, como se demostr\u00f3 por un ataque de phishing utilizando HTTP Basic Authentication."}], "id": "CVE-2007-3143", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-06-11T18:30:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/43465"}, {"source": "cve@mitre.org", "url": "http://testing.bitsploit.de/test.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.0x000000.com/?i=334"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/24352"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/43465"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://testing.bitsploit.de/test.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.0x000000.com/?i=334"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/24352"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=252169\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.", "lastModified": "2007-08-17T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "konqueror visual hostname truncation in HTTP authentication dialog", "id": "252169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=252169"}, "csaw": false, "cvss": {"cvss_base_score": "2.6", "cvss_scoring_vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "status": "draft"}, "cwe": "CWE-222", "details": ["Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication."], "name": "CVE-2007-3143", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Will not fix", "package_name": "kdebase", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kdebase", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "kdebase", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2007-06-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-3143\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-3143"], "statement": "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Low"}

{}