17 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-8600
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remot...
Mageia: Security Advisory (MGASA-2014-0478)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : kdebase4-runtime / kdelibs4 / konversation / etc (openSUSE-2015-251)
KDE and QT were updated to fix security issues and bugs. The following vulerabilities were fixed : - CVE-2014-0190: Malformed GIF files could have crashed QT based applications - CVE-2015-0295: Malformed BMP files could have crashed QT based applications - CVE-2014-8600: Multiple cross-site...
Fedora Update for kde-runtime FEDORA-2015-0564
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kde-runtime FEDORA-2014-15618
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-8600
Multiple cross-site scripting XSS vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the 1 zip, 2 trash, 3 tar, 4 thumbnail, 5 smtps, 6 smtp, 7 smb...
CVE-2014-8600
CVE-2014-8600 covers multiple XSS vulnerabilities in KDE components: KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier. The issue arises from improper handling of URIs in an error message, allowing an attacker to inject arbitrary web script or HTML vi...
Fedora 20 : kwebkitpart-1.3.4-5.fc20 (2014-15130)
Sanitize input to disallow JavaScript being executed in the context of the referenced hostname. See also https://www.kde.org/info/security/advisory-20141113-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...
Fedora Update for kwebkitpart FEDORA-2014-15130
Check the version of kwebkitpart SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868556";...
Fedora 21 : kwebkitpart-1.3.4-5.fc21 (2014-15150)
Sanitize input to disallow JavaScript being executed in the context of the referenced hostname. See also https://www.kde.org/info/security/advisory-20141113-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...
Fedora 21 : kde-runtime-4.14.3-2.fc21 (2014-15618)
New security fix release, insufficient Input Validation By IO Slaves, see also https://www.kde.org/info/security/advisory-20141113-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
[USN-2414-1] KDE-Runtime vulnerability
========================================================================== Ubuntu Security Notice USN-2414-1 November 24, 2014 kde-runtime vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Fedora 20 : kde-runtime-4.14.3-2.fc20 (2014-15532)
New security fix release, insufficient Input Validation By IO Slaves, see also https://www.kde.org/info/security/advisory-20141113-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora Update for kde-runtime FEDORA-2014-15532
Check the version of kde-runtime SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868520";...
MGASA-2014-0478 Updated kdebase4-runtime and kwebkitpart packages fix security vulnerability
kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly allowing to some javascript being executed on the context of the referenced hostname CVE-2014-8600...
Updated kdebase4-runtime and kwebkitpart packages fix security vulnerability
kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly allowing to some javascript being executed on the context of the referenced hostname CVE-2014-8600...
IO Slaves KDE Insufficient Input Validation
Vulnerability title: Insufficient Input Validation By IO Slaves In KDE e.V. KDE CVE: CVE-2014-8600 Vendor: KDE e.V. Product: KDE Affected version: kwebkitpart alert"$proto"+document.domain;" done Further details at:...