ID de Prueba:	1.3.6.1.4.1.25623.1.0.57825
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:031 (kdelibs)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to kdelibs announced via advisory MDKSA-2007:031. FIXME Konqueror 3.5.5 does not properly parse HTML comments in title tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment, a related issue to CVE-2007-0478. Updated packages have been patched to correct this issue. Affected: 2007.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:031 Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0478 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html BugTraq ID: 25159 http://www.securityfocus.com/bid/25159 Bugtraq: 20070123 Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability (Google Search) http://www.securityfocus.com/archive/1/457763/100/0/threaded http://www.beanfuzz.com/wordpress/?p=99 http://osvdb.org/32712 http://securitytracker.com/id?1018494 http://secunia.com/advisories/23893 http://secunia.com/advisories/26235 http://www.vupen.com/english/advisories/2007/2732 XForce ISS Database: safari-html-comment-xss(31846) https://exchange.xforce.ibmcloud.com/vulnerabilities/31846 Common Vulnerability Exposure (CVE) ID: CVE-2007-0537 BugTraq ID: 22428 http://www.securityfocus.com/bid/22428 Bugtraq: 20070124 Re: Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability (Google Search) http://www.securityfocus.com/archive/1/457924/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200703-10.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:031 http://www.mandriva.com/security/advisories?name=MDKSA-2007:157 http://osvdb.org/32975 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10244 http://www.redhat.com/support/errata/RHSA-2007-0909.html http://securitytracker.com/id?1017591 http://secunia.com/advisories/23932 http://secunia.com/advisories/24013 http://secunia.com/advisories/24065 http://secunia.com/advisories/24442 http://secunia.com/advisories/24463 http://secunia.com/advisories/24889 http://secunia.com/advisories/27108 SuSE Security Announcement: SUSE-SR:2007:006 (Google Search) http://www.novell.com/linux/security/advisories/2007_6_sr.html http://www.ubuntu.com/usn/usn-420-1 http://www.vupen.com/english/advisories/2007/0505
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.