
Test ID:
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2007:0909

The remote host is missing updates announced in
advisory RHSA-2007:0909.

The kdelibs package provides libraries for the K Desktop Environment (KDE).

Two cross-site-scripting flaws were found in the way Konqueror processes
certain HTML content. This could result in a malicious attacker presenting
misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537)

A flaw was found in the KDE JavaScript implementation. A web page containing
malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308)

A flaw was found in the way Konqueror handled certain FTP PASV commands.
A malicious FTP server could use this flaw to perform a rudimentary
port-scan of machines behind a user's firewall. (CVE-2007-1564)

Two Konqueror address spoofing flaws have been discovered. It was
possible for a malicious website to cause the Konqueror address bar to
display information which could trick a user into believing they are at a
different website than they actually are. (CVE-2007-3820, CVE-2007-4224)

Users of KDE should upgrade to these updated packages, which contain
backported patches to correct these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : High

CVSS Score:

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2007-0242
BugTraq ID: 23269
Debian Security Information: DSA-1292 (Google Search)
RedHat Security Advisories: RHSA-2011:1324
SGI Security Advisory: 20070901-01-P
SuSE Security Announcement: SUSE-SR:2007:006 (Google Search)
XForce ISS Database: qt-utf8-xss(33397)
Common Vulnerability Exposure (CVE) ID: CVE-2007-0537
BugTraq ID: 22428
Bugtraq: 20070124 Re: Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2007-1308
BugTraq ID: 22814
Bugtraq: 20070304 Konqueror DoS Via JavaScript Read Of FTP Iframe (Google Search)
XForce ISS Database: konqueror-ftp-dos(32798)
Common Vulnerability Exposure (CVE) ID: CVE-2007-1564
BugTraq ID: 23091
Common Vulnerability Exposure (CVE) ID: CVE-2007-3820
BugTraq ID: 24912
BugTraq ID: 24918
Bugtraq: 20070713 Opera/Konqueror: data: URL scheme address bar spoofing (Google Search)
Bugtraq: 20070714 Re: Opera/Konqueror: data: URL scheme address bar spoofing (Google Search)
XForce ISS Database: opera-konqueror-addressbar-spoofing(35430)
Common Vulnerability Exposure (CVE) ID: CVE-2007-4224
BugTraq ID: 25219
Bugtraq: 20070806 Konqueror: URL address bar spoofing vulnerabilities (Google Search)
Bugtraq: 20070806 Re: Konqueror: URL address bar spoofing vulnerabilities (Google Search)
Bugtraq: 20070806 Re: Konqueror: URL address bar spoofingvulnerabilities (Google Search)
Bugtraq: 20070807 Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities (Google Search)
SuSE Security Announcement: SUSE-SR:2007:021 (Google Search)
XForce ISS Database: konqueror-setinterval-spoofing(35828)
Copyright: Copyright (c) 2007 E-Soft Inc.
