English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59191
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-502-1 (kdelibs)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to kdelibs
announced via advisory USN-502-1.

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

Details follow:

It was discovered that Konqueror could be tricked into displaying
incorrect URLs. Remote attackers could exploit this to increase their
chances of tricking a user into visiting a phishing URL, which could
lead to credential theft.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
kdelibs4c2a 4:3.5.2-0ubuntu18.5
konqueror 4:3.5.2-0ubuntu27.1

Ubuntu 6.10:
kdelibs4c2a 4:3.5.5-0ubuntu3.5
konqueror 4:3.5.5-0ubuntu3.5

Ubuntu 7.04:
kdelibs4c2a 4:3.5.6-0ubuntu14.1
konqueror 4:3.5.6-0ubuntu20.2

After a standard system upgrade you need to restart your session to
effect the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-502-1

Risk factor : High

CVSS Score:
6.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-3820
BugTraq ID: 24912
http://www.securityfocus.com/bid/24912
BugTraq ID: 24918
http://www.securityfocus.com/bid/24918
Bugtraq: 20070713 Opera/Konqueror: data: URL scheme address bar spoofing (Google Search)
http://www.securityfocus.com/archive/1/473703/100/0/threaded
Bugtraq: 20070714 Re: Opera/Konqueror: data: URL scheme address bar spoofing (Google Search)
http://www.securityfocus.com/archive/1/473712/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00085.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:176
http://alt.swiecki.net/oper1.html
http://osvdb.org/37242
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10345
http://www.redhat.com/support/errata/RHSA-2007-0905.html
http://www.redhat.com/support/errata/RHSA-2007-0909.html
http://www.securitytracker.com/id?1018396
http://secunia.com/advisories/26091
http://secunia.com/advisories/26612
http://secunia.com/advisories/26720
http://secunia.com/advisories/27089
http://secunia.com/advisories/27090
http://secunia.com/advisories/27096
http://secunia.com/advisories/27106
http://secunia.com/advisories/27108
http://securityreason.com/securityalert/2905
http://www.ubuntu.com/usn/usn-502-1
http://www.vupen.com/english/advisories/2007/2538
XForce ISS Database: opera-konqueror-addressbar-spoofing(35430)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35430
Common Vulnerability Exposure (CVE) ID: CVE-2007-4224
BugTraq ID: 25219
http://www.securityfocus.com/bid/25219
Bugtraq: 20070806 Konqueror: URL address bar spoofing vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/475689/100/0/threaded
Bugtraq: 20070806 Re: Konqueror: URL address bar spoofing vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/475731/100/0/threaded
Bugtraq: 20070806 Re: Konqueror: URL address bar spoofingvulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/475730/100/0/threaded
Bugtraq: 20070807 Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/475763/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065101.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9879
http://securitytracker.com/id?1018579
http://secunia.com/advisories/26351
http://secunia.com/advisories/26690
http://secunia.com/advisories/27271
http://securityreason.com/securityalert/2982
SuSE Security Announcement: SUSE-SR:2007:021 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
http://www.vupen.com/english/advisories/2007/2807
XForce ISS Database: konqueror-setinterval-spoofing(35828)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35828
Common Vulnerability Exposure (CVE) ID: CVE-2007-4225
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html
XForce ISS Database: konqueror-data-spoofing(35829)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35829
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.