FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-4224

This CVE name corresponds to:

Entered Topic
2007-09-19 konquerer -- address bar spoofing

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-4224 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-4224
Phase Assigned(20070808)

Description

KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property.

References

Source Reference
BUGTRAQ 20070806 Konqueror: URL address bar spoofing vulnerabilities
BUGTRAQ 20070806 Re: Konqueror: URL address bar spoofing vulnerabilities
BUGTRAQ 20070806 Re: Konqueror: URL address bar spoofingvulnerabilities
BUGTRAQ 20070807 Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities
FULLDISC 20070806 Konqueror: URL address bar spoofing vulnerabilities
CONFIRM http://www.kde.org/info/security/advisory-20070816-1.txt
CONFIRM https://issues.rpath.com/browse/RPL-1615
FEDORA FEDORA-2007-2361
FEDORA FEDORA-2007-716
MANDRIVA MDKSA-2007:176
REDHAT RHSA-2007:0905
REDHAT RHSA-2007:0909
SUSE SUSE-SR:2007:021
UBUNTU USN-502-1
BID 25219
OVAL oval:org.mitre.oval:def:9879
VUPEN ADV-2007-2807
SECTRACK 1018579
SECUNIA 26351
SECUNIA 26612
SECUNIA 26690
SECUNIA 26720
SECUNIA 27089
SECUNIA 27106
SECUNIA 27108
SECUNIA 27090
SECUNIA 27096
SECUNIA 27271
SREASON 2982
XF konqueror-setinterval-spoofing(35828)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.