CVE-2004-0527

KDE Konqueror 2.1.1 and 2.2.2 - URL Spoofing via Image Map and A HREF Alt Attribute

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0527. PoCs published by Drew Copley.

AI-analyzed exploit summary This is a writeup describing a URI obfuscation weakness in KDE Konqueror where an image within an HREF tag can deceive users into clicking a malicious link. The provided HTML example demonstrates how an attacker could exploit this to trick users into visiting an untrusted site.

Description

KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Drew Copley · textremotelinux
https://www.exploit-db.com/exploits/24136

This is a writeup describing a URI obfuscation weakness in KDE Konqueror where an image within an HREF tag can deceive users into clicking a malicious link. The provided HTML example demonstrates how an attacker could exploit this to trick users into visiting an untrusted site.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: KDE Konqueror (version not specified)
No auth needed
Prerequisites: User interaction (clicking a malicious link)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/6579
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16102
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10383

Scores

EPSS 0.0576
EPSS Percentile 92.1%

Details

Status published
Products (12)
kde/konqueror 2.1.1
kde/konqueror 2.2.2
kde/konqueror 3.0
kde/konqueror 3.0.1
kde/konqueror 3.0.2
kde/konqueror 3.0.3
kde/konqueror 3.0.5
kde/konqueror 3.1
kde/konqueror 3.1.1
kde/konqueror 3.1.2
... and 2 more
Published Aug 06, 2004
Tracked Since Feb 18, 2026