|
|
Log in / Subscribe / Register

messagelib: two vulnerabilities

Package(s):messagelib CVE #(s):CVE-2016-7967 CVE-2016-7968
Created:October 10, 2016 Updated:October 12, 2016
Description: From the Arch Linux advisory:

CVE-2016-7967 (cross-site scripting): KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled.

CVE-2016-7968 (insufficient validation): KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed.

Alerts:
Fedora FEDORA-2016-f7a079f775 kdepimlibs 2016-11-11
Fedora FEDORA-2016-c9d15bbcbb kdepimlibs 2016-11-03
Fedora FEDORA-2016-1b042a79bd kleopatra 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-syndication 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-pimcommon 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-messagelib 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-mailimporter 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-mailcommon 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-libksieve 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-libkleo 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-libkdepim 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-libgravatar 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-ktnef 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kpimtextedit 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kontactinterface 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kmime 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kmbox 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kmailtransport 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kldap 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kimap 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kidentitymanagement 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kholidays 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kdgantt2 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kcontacts 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kcalendarutils 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kcalendarcore 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kblog 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-kalarmcal 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-incidenceeditor 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-grantleetheme 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-gpgmepp 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-eventviews 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-calendarsupport 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-akonadi-server 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-akonadi-search 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-akonadi-notes 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-akonadi-mime 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-akonadi-contacts 2016-10-30
Fedora FEDORA-2016-1b042a79bd kf5-akonadi-calendar 2016-10-30
Fedora FEDORA-2016-1b042a79bd kdepim-runtime 2016-10-30
Fedora FEDORA-2016-1b042a79bd kdepim-apps-libs 2016-10-30
Fedora FEDORA-2016-1b042a79bd kdepim-addons 2016-10-30
Fedora FEDORA-2016-1b042a79bd kdepim 2016-10-30
Arch Linux ASA-201610-5 messagelib 2016-10-07
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds