ID CVE-2007-3820
Summary konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
References
Vulnerable Configurations
  • cpe:2.3:a:kde:konqueror:3.5.7
    cpe:2.3:a:kde:konqueror:3.5.7
CVSS
Base: 2.6 (as of 18-07-2007 - 19:43)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
nessus via4
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20071008_KDEBASE_ON_SL5_X.NASL
    description Kees Huijgen found a flaw in the way KDM handled logins when autologin and 'shutdown with password' were enabled. A local user would have been able to login via KDM as any user without requiring a password. (CVE-2007-4569) Two Konqueror address spoofing flaws were discovered. A malicious website could spoof the Konqueror address bar, tricking a victim into believing the page was from a different site. (CVE-2007-3820, CVE-2007-4224)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60262
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60262
    title Scientific Linux Security Update : kdebase on SL5.x, SL4.x i386/x86_64
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20071008_KDELIBS_ON_SL5_X.NASL
    description Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1564) Two Konqueror address spoofing flaws have been discovered. It was possible for a malicious website to cause the Konqueror address bar to display information which could trick a user into believing they are at a different website than they actually are. (CVE-2007-3820, CVE-2007-4224)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60263
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60263
    title Scientific Linux Security Update : kdelibs on SL5.x, SL4.x i386/x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0909.NASL
    description From Red Hat Security Advisory 2007:0909 : Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1564) Two Konqueror address spoofing flaws have been discovered. It was possible for a malicious website to cause the Konqueror address bar to display information which could trick a user into believing they are at a different website than they actually are. (CVE-2007-3820, CVE-2007-4224) Users of KDE should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 67574
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67574
    title Oracle Linux 4 / 5 : kdelibs (ELSA-2007-0909)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0909.NASL
    description Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1564) Two Konqueror address spoofing flaws have been discovered. It was possible for a malicious website to cause the Konqueror address bar to display information which could trick a user into believing they are at a different website than they actually are. (CVE-2007-3820, CVE-2007-4224) Users of KDE should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 26974
    published 2007-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26974
    title CentOS 4 / 5 : kdelibs (CESA-2007:0909)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-716.NASL
    description The remote Fedora Core host is missing one or more security updates : kdebase-3.5.7-1.fc6 : - Tue Oct 2 2007 Than Ngo - 6:3.5.7-1.fc6 - CVE-2007-4224, CVE-2007-4225, CVE-2007-3820 - rh#299741, CVE-2007-4569 - Mon Jul 2 2007 Than Ngo - 6:3.5.7-0.fc6.2 - fix #244906 kdelibs-3.5.7-1.fc6 : - Tue Oct 2 2007 Than Ngo - 6:3.5.7-1.fc6 - CVE-2007-4224, CVE-2007-3820 konqueror address bar spoofing Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 26935
    published 2007-10-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26935
    title Fedora Core 6 : kdebase-3.5.7-1.fc6 / kdelibs-3.5.7-1.fc6 (2007-716)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0905.NASL
    description Updated kdebase packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager. These updated packages address the following vulnerabilities : Kees Huijgen found a flaw in the way KDM handled logins when autologin and 'shutdown with password' were enabled. A local user would have been able to login via KDM as any user without requiring a password. (CVE-2007-4569) Two Konqueror address spoofing flaws were discovered. A malicious website could spoof the Konqueror address bar, tricking a victim into believing the page was from a different site. (CVE-2007-3820, CVE-2007-4224) Users of KDE should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 26973
    published 2007-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26973
    title CentOS 4 / 5 : kdebase (CESA-2007:0905)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_14AD2A2866D211DCB25F02E0185F8D72.NASL
    description The KDE development team reports : The Konqueror address bar is vulnerable to spoofing attacks that are based on embedding white spaces in the url. In addition the address bar could be tricked to show an URL which it is intending to visit for a short amount of time instead of the current URL.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 26085
    published 2007-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26085
    title FreeBSD : konquerer -- address bar spoofing (14ad2a28-66d2-11dc-b25f-02e0185f8d72)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-2361.NASL
    description - Tue Oct 2 2007 Than Ngo - 6:3.5.7-13.1 - rh#299731, CVE-2007-4569 - Wed Aug 15 2007 Rex Dieter 6:3.5.7-13 - CVE-2007-3820, CVE-2007-4224, CVE-2007-4225 - License: GPLv2 - Requires: kdelibs3(-devel) - Fri Jul 20 2007 Rex Dieter - 6:3.5.7-12 - fix unpackaged files - Fri Jul 20 2007 Rex Dieter - 6:3.5.7-9 - %ifnarch s390 s390x: BR: lm_sensors - Thu Jul 19 2007 Rex Dieter - 6:3.5.7-7 - omit dirs owned by kde-filesystem - Mon Jul 2 2007 Than Ngo - 6:3.5.7-6 - fix bz#244906 - Wed Jun 20 2007 Rex Dieter - 6:3.5.7-5 - Provides: kdebase3(-devel) - Wed Jun 20 2007 Rex Dieter - 6:3.5.7-4 - -devel: Requires: %name... - portability++ - Fri Jun 15 2007 Rex Dieter - 6:3.5.7-3 - specfile portability - Mon Jun 11 2007 Rex Dieter - 6:3.5.7-2 - fix BR: kdelibs-devel - cleanup Req's wrt kde-settings - Mon Jun 11 2007 Than Ngo - 6:3.5.7-1.fc7.1 - remove kdebase-3.4.2-npapi-64bit-fixes.patch, it's included in new upstream - Wed Jun 6 2007 Than Ngo - 6:3.5.7-0.1 - 3.5.7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 27769
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27769
    title Fedora 7 : kdebase-3.5.7-13.1.fc7 (2007-2361)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0909.NASL
    description Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1564) Two Konqueror address spoofing flaws have been discovered. It was possible for a malicious website to cause the Konqueror address bar to display information which could trick a user into believing they are at a different website than they actually are. (CVE-2007-3820, CVE-2007-4224) Users of KDE should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 26952
    published 2007-10-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26952
    title RHEL 4 / 5 : kdelibs (RHSA-2007:0909)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2007-264-01.NASL
    description New kdebase packages are available for Slackware 12.0 to fix security issues. A long URL padded with spaces could be used to display a false URL in Konqueror's addressbar, and KDM when used with no-password login could be tricked into logging a different user in without a password. This is not the way KDM is configured in Slackware by default, somewhat mitigating the impact of this issue.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 26113
    published 2007-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26113
    title Slackware 12.0 : kdebase, kdelibs (SSA:2007-264-01)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0905.NASL
    description From Red Hat Security Advisory 2007:0905 : Updated kdebase packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager. These updated packages address the following vulnerabilities : Kees Huijgen found a flaw in the way KDM handled logins when autologin and 'shutdown with password' were enabled. A local user would have been able to login via KDM as any user without requiring a password. (CVE-2007-4569) Two Konqueror address spoofing flaws were discovered. A malicious website could spoof the Konqueror address bar, tricking a victim into believing the page was from a different site. (CVE-2007-3820, CVE-2007-4224) Users of KDE should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67573
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67573
    title Oracle Linux 4 / 5 : kdebase (ELSA-2007-0905)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0905.NASL
    description Updated kdebase packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager. These updated packages address the following vulnerabilities : Kees Huijgen found a flaw in the way KDM handled logins when autologin and 'shutdown with password' were enabled. A local user would have been able to login via KDM as any user without requiring a password. (CVE-2007-4569) Two Konqueror address spoofing flaws were discovered. A malicious website could spoof the Konqueror address bar, tricking a victim into believing the page was from a different site. (CVE-2007-3820, CVE-2007-4224) Users of KDE should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 26951
    published 2007-10-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26951
    title RHEL 4 / 5 : kdebase (RHSA-2007:0905)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-176.NASL
    description konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed. (CVE-2007-3820) KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. (CVE-2007-4224) Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion. (CVE-2007-4225) Updated packages fix these issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 26008
    published 2007-09-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26008
    title Mandrake Linux Security Advisory : konqueror (MDKSA-2007:176)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-502-1.NASL
    description It was discovered that Konqueror could be tricked into displaying incorrect URLs. Remote attackers could exploit this to increase their chances of tricking a user into visiting a phishing URL, which could lead to credential theft. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28106
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28106
    title Ubuntu 6.06 LTS / 6.10 / 7.04 : kdebase, kdelibs vulnerabilities (USN-502-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-1699.NASL
    description This update primarily addresses problems with URL spoofing and consolekit/session permissions. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 27728
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27728
    title Fedora 7 : kdelibs-3.5.7-20.fc7 (2007-1699)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-1700.NASL
    description This update primarily addresses security issues around URL spoofing. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 27729
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27729
    title Fedora 7 : kdebase-3.5.7-13.fc7 (2007-1700)
oval via4
accepted 2013-04-29T04:04:51.171-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
family unix
id oval:org.mitre.oval:def:10345
status accepted
submitted 2010-07-09T03:56:16-04:00
title konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
version 24
redhat via4
advisories
  • rhsa
    id RHSA-2007:0905
  • rhsa
    id RHSA-2007:0909
rpms
  • kdebase-6:3.3.1-6.el4
  • kdebase-devel-6:3.3.1-6.el4
  • kdebase-6:3.5.4-15.el5
  • kdebase-devel-6:3.5.4-15.el5
  • kdelibs-6:3.3.1-9.el4
  • kdelibs-devel-6:3.3.1-9.el4
  • kdelibs-6:3.5.4-13.el5
  • kdelibs-apidocs-6:3.5.4-13.el5
  • kdelibs-devel-6:3.5.4-13.el5
refmap via4
bid
  • 24912
  • 24918
bugtraq
  • 20070713 Opera/Konqueror: data: URL scheme address bar spoofing
  • 20070714 Re: Opera/Konqueror: data: URL scheme address bar spoofing
confirm http://www.kde.org/info/security/advisory-20070816-1.txt
fedora
  • FEDORA-2007-2361
  • FEDORA-2007-716
mandriva MDKSA-2007:176
misc http://alt.swiecki.net/oper1.html
osvdb 37242
sectrack 1018396
secunia
  • 26091
  • 26612
  • 26720
  • 27089
  • 27090
  • 27096
  • 27106
  • 27108
sreason 2905
ubuntu USN-502-1
vupen ADV-2007-2538
xf opera-konqueror-addressbar-spoofing(35430)
statements via4
contributor Mark J Cox
lastmodified 2007-09-05
organization Red Hat
statement This issue did not affect Red Hat Enterprise Linux 2.1 or 3. For Red Hat Enterprise Linux 4 and 5, Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248537 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
Last major update 30-10-2012 - 22:39
Published 16-07-2007 - 21:30
Last modified 15-10-2018 - 17:31
Back to Top