FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-4225

This CVE name corresponds to:

Entered Topic
2007-09-19 konqueror -- address bar spoofing

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-4225
Phase Assigned (20070808)

Description

Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.

References

Source Reference
FULLDISC 20070806 Konqueror: URL address bar spoofing vulnerabilities
CONFIRM http://www.kde.org/info/security/advisory-20070816-1.txt
CONFIRM https://issues.rpath.com/browse/RPL-1615
FEDORA FEDORA-2007-2361
FEDORA FEDORA-2007-716
MANDRIVA MDKSA-2007:176
UBUNTU USN-502-1
VUPEN ADV-2007-2807
SECTRACK 1018579
SECUNIA 26351
SECUNIA 26612
SECUNIA 26690
SECUNIA 26720
SECUNIA 27089
SECUNIA 27096
SREASON 2982
XF konqueror-data-spoofing(35829)