Lucene search
Gentoo FoundationMGASA-2014-0478HistoryNov 21, 2014 - 3:44 p.m.
Updated kdebase4-runtime and kwebkitpart packages fix security vulnerability
2014-11-2115:44:16
Gentoo Foundation
advisories.mageia.org
12
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
70.4%
kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly allowing to some javascript being executed on the context of the referenced hostname (CVE-2014-8600).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | kdebase4-runtime | < 4.10.5-1.2 | kdebase4-runtime-4.10.5-1.2.mga3 |
| Mageia | 3 | noarch | kwebkitpart | < 1.3.2-1.1 | kwebkitpart-1.3.2-1.1.mga3 |
| Mageia | 4 | noarch | kdebase4-runtime | < 4.12.5-1.2 | kdebase4-runtime-4.12.5-1.2.mga4 |
| Mageia | 4 | noarch | kwebkitpart | < 1.3.2-3.1 | kwebkitpart-1.3.2-3.1.mga4 |
Related
fedora
fedora
[SECURITY] Fedora 21 Update: kde-runtime-4.14.3-2.fc21
2014-12-03 17:16:28
[SECURITY] Fedora 21 Update: kwebkitpart-1.3.4-5.fc21
2014-12-03 17:14:56
[SECURITY] Fedora 20 Update: kwebkitpart-1.3.4-5.fc20
2014-12-06 02:31:38
debiancve
debiancve
CVE-2014-8600
2014-12-08 11:59:09
openvas
openvas
Ubuntu: Security Advisory (USN-2414-1)
2022-08-26 00:00:00
Fedora Update for kwebkitpart FEDORA-2014-15130
2014-12-06 00:00:00
Fedora Update for kde-runtime FEDORA-2014-15618
2015-01-05 00:00:00
cvelist
cvelist
CVE-2014-8600
2014-12-08 11:00:00
ubuntucve
ubuntucve
CVE-2014-8600
2014-11-20 00:00:00
nessus
nessus
Fedora 21 : kde-runtime-4.14.3-2.fc21 (2014-15618)
2014-12-04 00:00:00
FreeBSD : kwebkitpart, kde-runtime -- insufficient input validation (890b6b22-70fa-11e4-91ae-5453ed2e2b49)
2014-11-21 00:00:00
Ubuntu 12.04 LTS : kde-runtime vulnerability (USN-2414-1)
2014-11-25 00:00:00
freebsd
freebsd
kwebkitpart, kde-runtime -- insufficient input validation
2014-11-13 00:00:00
packetstorm
packetstorm
IO Slaves KDE Insufficient Input Validation
2014-11-19 00:00:00
prion
prion
Cross site scripting
2014-12-08 11:59:00
ubuntu
ubuntu
KDE-Runtime vulnerability
2014-11-24 00:00:00
securityvulns
securityvulns
[USN-2414-1] KDE-Runtime vulnerability
2014-12-01 00:00:00
nvd
nvd
CVE-2014-8600
2014-12-08 11:59:09
cve
cve
CVE-2014-8600
2014-12-08 11:59:09
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
70.4%
Related for MGASA-2014-0478