SecurityTracker.com
SecurityTracker Archives

Category: Application (Web Browser) > KDE Konqueror
Vendors: KDE.org
(KDE Issues Patches) KDE Konqueror 'data:' URL Display Bug Lets Remote Users Spoof the Address Bar
SecurityTracker Alert ID: 1018580
SecurityTracker URL: http://securitytracker.com/id/1018580
CVE Reference: CVE-2007-3820
Updated: Sep 14 2007
Original Entry Date: Aug 16 2007
Impact: Modification of user information
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 3.5.7
Description:   A vulnerability was reported in KDE Konqueror. A remote user can spoof the URL address bar.

Konqueror does not properly render the address bar contents when a 'data:' URL is loaded or when a URL contains embedded white space. A remote user can create specially crafted HTML that, when loaded by the target user, causes the address bar to display an arbitrary, attacker-chosen URL instead of the location actually shown (for example, the URL of a pending navigation rather than the current page). According to the vendor advisory, the spoofing is limited to the address bar itself and does not affect other security measures such as SSL certificate validation.

Robert Swiecki reported this vulnerability.

Impact:   A remote user can spoof the URL address bar contents.
Solution:   The vendor has issued the following patches, available at:

ftp://ftp.kde.org/pub/kde/security_patches

For 3.5.7 and newer:

e15d6b5580c5a20ab935f8e553d113e0 post-3.5.7-kdebase-konqueror-2.diff
4c0fb2576875ded606f276421fc49752 post-3.5.7-kdelibs-kdecore-2.diff

For 3.4.2 and newer:

d9a07e8d9a138ef9da90b7af8e35d977 post-3.4.2-kdebase-konqueror.diff

On September 14, 2007, the above listed patches were released as part of an updated advisory, issued to replace the original advisory.

The new KDE advisory is available at:

http://www.kde.org/info/security/advisory-20070914-1.txt

The original KDE advisory is available at:

http://www.kde.org/info/security/advisory-20070816-1.txt

Vendor URL:  www.kde.org/info/security/advisory-20070914-1.txt
Cause:   State error
Underlying OS:   Linux (Any)

Message History:   This archive entry is a follow-up to the message listed below.
Jul 16 2007 KDE Konqueror 'data:' URL Display Bug Lets Remote Users Spoof the Address Bar



 Source Message Contents

Date:  Thu, 16 Aug 2007 14:55:13 -0400
Subject:  KDE Konqueror



KDE Security Advisory: konqueror address bar spoofing
Original Release Date: 2007-08-16
URL: http://www.kde.org/info/security/advisory-20070816-1.txt

0. References
         CVE-2007-4224
         CVE-2007-4225
         CVE-2007-3820

1. Systems affected:

        Konqueror as shipped with KDE up to and including KDE 3.5.7.


2. Overview:

        The Konqueror address bar is vulnerable to spoofing attacks
        that are based on embedding white spaces in the URL. In addition,
        the address bar could be tricked to show a URL which it is
        intending to visit for a short amount of time instead of the
        current URL.


3. Impact:

        Malicious web sites could spoof another website's URL. The
        attack is limited to the address bar, it does not affect
        additional security measures, like for example the SSL certificate
        validation.


4. Solution:

        Source code patches have been made available which fix these
        vulnerabilities. Contact your OS vendor / binary package provider
        for information about how to obtain updated binary packages.


5. Patch:

        Patches for KDE 3.5.7 and newer are available from
        ftp://ftp.kde.org/pub/kde/security_patches :

        944209ee05e2e64cf654ffbbac1711e7  post-3.5.7-kdelibs-kdecore.diff
        e15d6b5580c5a20ab935f8e553d113e0  post-3.5.7-kdebase-konqueror.diff



Copyright 2012, SecurityGlobal.net LLC