ID CVE-2007-4225
Summary Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.
References
Vulnerable Configurations
  • cpe:2.3:a:kde:konqueror:3.5.7
    cpe:2.3:a:kde:konqueror:3.5.7
CVSS
Base: 6.8 (as of 09-08-2007 - 08:21)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-716.NASL
    description The remote Fedora Core host is missing one or more security updates : kdebase-3.5.7-1.fc6 : - Tue Oct 2 2007 Than Ngo - 6:3.5.7-1.fc6 - CVE-2007-4224, CVE-2007-4225, CVE-2007-3820 - rh#299741, CVE-2007-4569 - Mon Jul 2 2007 Than Ngo - 6:3.5.7-0.fc6.2 - fix #244906 kdelibs-3.5.7-1.fc6 : - Tue Oct 2 2007 Than Ngo - 6:3.5.7-1.fc6 - CVE-2007-4224, CVE-2007-3820 konqueror address bar spoofing Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 26935
    published 2007-10-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26935
    title Fedora Core 6 : kdebase-3.5.7-1.fc6 / kdelibs-3.5.7-1.fc6 (2007-716)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_14AD2A2866D211DCB25F02E0185F8D72.NASL
    description The KDE development team reports : The Konqueror address bar is vulnerable to spoofing attacks that are based on embedding white spaces in the url. In addition the address bar could be tricked to show an URL which it is intending to visit for a short amount of time instead of the current URL.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 26085
    published 2007-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26085
    title FreeBSD : konquerer -- address bar spoofing (14ad2a28-66d2-11dc-b25f-02e0185f8d72)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-2361.NASL
    description - Tue Oct 2 2007 Than Ngo - 6:3.5.7-13.1 - rh#299731, CVE-2007-4569 - Wed Aug 15 2007 Rex Dieter 6:3.5.7-13 - CVE-2007-3820, CVE-2007-4224, CVE-2007-4225 - License: GPLv2 - Requires: kdelibs3(-devel) - Fri Jul 20 2007 Rex Dieter - 6:3.5.7-12 - fix unpackaged files - Fri Jul 20 2007 Rex Dieter - 6:3.5.7-9 - %ifnarch s390 s390x: BR: lm_sensors - Thu Jul 19 2007 Rex Dieter - 6:3.5.7-7 - omit dirs owned by kde-filesystem - Mon Jul 2 2007 Than Ngo - 6:3.5.7-6 - fix bz#244906 - Wed Jun 20 2007 Rex Dieter - 6:3.5.7-5 - Provides: kdebase3(-devel) - Wed Jun 20 2007 Rex Dieter - 6:3.5.7-4 - -devel: Requires: %name... - portability++ - Fri Jun 15 2007 Rex Dieter - 6:3.5.7-3 - specfile portability - Mon Jun 11 2007 Rex Dieter - 6:3.5.7-2 - fix BR: kdelibs-devel - cleanup Req's wrt kde-settings - Mon Jun 11 2007 Than Ngo - 6:3.5.7-1.fc7.1 - remove kdebase-3.4.2-npapi-64bit-fixes.patch, it's included in new upstream - Wed Jun 6 2007 Than Ngo - 6:3.5.7-0.1 - 3.5.7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 27769
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27769
    title Fedora 7 : kdebase-3.5.7-13.1.fc7 (2007-2361)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2007-264-01.NASL
    description New kdebase packages are available for Slackware 12.0 to fix security issues. A long URL padded with spaces could be used to display a false URL in Konqueror's addressbar, and KDM when used with no-password login could be tricked into logging a different user in without a password. This is not the way KDM is configured in Slackware by default, somewhat mitigating the impact of this issue.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 26113
    published 2007-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26113
    title Slackware 12.0 : kdebase, kdelibs (SSA:2007-264-01)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-176.NASL
    description konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed. (CVE-2007-3820) KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. (CVE-2007-4224) Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion. (CVE-2007-4225) Updated packages fix these issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 26008
    published 2007-09-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26008
    title Mandrake Linux Security Advisory : konqueror (MDKSA-2007:176)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-502-1.NASL
    description It was discovered that Konqueror could be tricked into displaying incorrect URLs. Remote attackers could exploit this to increase their chances of tricking a user into visiting a phishing URL, which could lead to credential theft. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28106
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28106
    title Ubuntu 6.06 LTS / 6.10 / 7.04 : kdebase, kdelibs vulnerabilities (USN-502-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-1699.NASL
    description This update primarily addresses problems with URL spoofing and consolekit/session permissions. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 27728
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27728
    title Fedora 7 : kdelibs-3.5.7-20.fc7 (2007-1699)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-1700.NASL
    description This update primarily addresses security issues around URL spoofing. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 27729
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27729
    title Fedora 7 : kdebase-3.5.7-13.fc7 (2007-1700)
refmap via4
confirm
fedora
  • FEDORA-2007-2361
  • FEDORA-2007-716
fulldisc 20070806 Konqueror: URL address bar spoofing vulnerabilities
mandriva MDKSA-2007:176
sectrack 1018579
secunia
  • 26351
  • 26612
  • 26690
  • 26720
  • 27089
  • 27096
sreason 2982
ubuntu USN-502-1
vupen ADV-2007-2807
xf konqueror-data-spoofing(35829)
statements via4
contributor Joshua Bressers
lastmodified 2007-08-09
organization Red Hat
statement Not vulnerable. Not vulnerable. These issues did not affect the versions of konqueror as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
Last major update 07-03-2011 - 21:58
Published 08-08-2007 - 17:17
Last modified 28-07-2017 - 21:32
Back to Top