LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kdebase: several vulnerabilities

Package(s):kdebase CVE #(s):CVE-2007-3820 CVE-2007-4224 CVE-2007-4225
Created:August 20, 2007 Updated:October 8, 2007
Description: konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed. (CVE-2007-3820)

KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. (CVE-2007-4224)

Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion. (CVE-2007-4225)

Alerts:
Red Hat RHSA-2007:0909-01 2007-10-08
Red Hat RHSA-2007:0905-01 2007-10-08
Fedora FEDORA-2007-716 2007-10-08
Mandriva MDKSA-2007:176 2007-09-06
rPath rPSA-2007-0177-1 2007-09-05
Ubuntu USN-502-1 2007-08-23
Fedora FEDORA-2007-1699 2007-08-20
Fedora FEDORA-2007-1700 2007-08-20
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds