General : rekonq 'Error Page' Cross-Site Scripting Vulnerabilities

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.801422

Categoría: General

Título: rekonq 'Error Page' Cross-Site Scripting Vulnerabilities

Resumen: Check for the version of rekonq

Descripción:
Overview: This host is installed with rekonq and is prone to cross-site
scripting vulnerabilities.

Vulnerability Insight:
The multiple flaws are due to:
- An error in the handling of a URL associated with a nonexistent domain name
which is related to 'webpage.cpp',
- An error in hanlding of unspecified vectors related to 'webview.cpp'
- An error in the handing of 'about:' views for favorites, bookmarks, closed
tabs, and history.

Impact:
Successful exploitation will allow attackers to crash fresh instance, inject
the malicious content into error message, access the cookies when the hostname
under which the cookies have been set.

Impact Level: Application.

Affected Software:
Rekonq version 0.5 and prior.

Fix: No solution or patch is available as of 09th August, 2010. Information
regarding this issue will be updated once the solution details are available.
For updates refer to http://sourceforge.net/projects/rekonq/files/

References:
http://secunia.com/advisories/40646
https://bugs.kde.org/show_bug.cgi?id=217464
http://marc.info/?l=oss-security&m=127971194610788&w=2

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-2536
http://marc.info/?l=oss-security&m=127973502617945&w=2
http://marc.info/?l=oss-security&m=127971194610788&w=2
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049406.html
http://www.osvdb.org/66568
http://secunia.com/advisories/40646
http://www.vupen.com/english/advisories/2010/2689

Copyright Copyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.801422
Categoría:	General
Título:	rekonq 'Error Page' Cross-Site Scripting Vulnerabilities
Resumen:	Check for the version of rekonq
Descripción:	Overview: This host is installed with rekonq and is prone to cross-site scripting vulnerabilities. Vulnerability Insight: The multiple flaws are due to: - An error in the handling of a URL associated with a nonexistent domain name which is related to 'webpage.cpp', - An error in hanlding of unspecified vectors related to 'webview.cpp' - An error in the handing of 'about:' views for favorites, bookmarks, closed tabs, and history. Impact: Successful exploitation will allow attackers to crash fresh instance, inject the malicious content into error message, access the cookies when the hostname under which the cookies have been set. Impact Level: Application. Affected Software: Rekonq version 0.5 and prior. Fix: No solution or patch is available as of 09th August, 2010. Information regarding this issue will be updated once the solution details are available. For updates refer to http://sourceforge.net/projects/rekonq/files/ References: http://secunia.com/advisories/40646 https://bugs.kde.org/show_bug.cgi?id=217464 http://marc.info/?l=oss-security&m=127971194610788&w=2
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2536 http://marc.info/?l=oss-security&m=127973502617945&w=2 http://marc.info/?l=oss-security&m=127971194610788&w=2 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049406.html http://www.osvdb.org/66568 http://secunia.com/advisories/40646 http://www.vupen.com/english/advisories/2010/2689
Copyright	Copyright (C) 2010 Greenbone Networks GmbH