17 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-8600
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remot...
Mageia: Security Advisory (MGASA-2014-0478)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : kdebase4-runtime / kdelibs4 / konversation / etc (openSUSE-2015-251)
KDE and QT were updated to fix security issues and bugs. The following vulerabilities were fixed : - CVE-2014-0190: Malformed GIF files could have crashed QT based applications - CVE-2015-0295: Malformed BMP files could have crashed QT based applications - CVE-2014-8600: Multiple cross-site...
Fedora Update for kde-runtime FEDORA-2015-0564
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kde-runtime FEDORA-2014-15618
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-8600
Multiple cross-site scripting XSS vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the 1 zip, 2 trash, 3 tar, 4 thumbnail, 5 smtps, 6 smtp, 7 smb...
CVE-2014-8600
CVE-2014-8600 covers multiple XSS vulnerabilities in KDE components: KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier. The issue arises from improper handling of URIs in an error message, allowing an attacker to inject arbitrary web script or HTML vi...
Fedora Update for kwebkitpart FEDORA-2014-15130
Check the version of kwebkitpart SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868556";...
Fedora 20 : kwebkitpart-1.3.4-5.fc20 (2014-15130)
Sanitize input to disallow JavaScript being executed in the context of the referenced hostname. See also https://www.kde.org/info/security/advisory-20141113-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...
Fedora 21 : kwebkitpart-1.3.4-5.fc21 (2014-15150)
Sanitize input to disallow JavaScript being executed in the context of the referenced hostname. See also https://www.kde.org/info/security/advisory-20141113-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...
Fedora 21 : kde-runtime-4.14.3-2.fc21 (2014-15618)
New security fix release, insufficient Input Validation By IO Slaves, see also https://www.kde.org/info/security/advisory-20141113-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
[USN-2414-1] KDE-Runtime vulnerability
========================================================================== Ubuntu Security Notice USN-2414-1 November 24, 2014 kde-runtime vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Fedora 20 : kde-runtime-4.14.3-2.fc20 (2014-15532)
New security fix release, insufficient Input Validation By IO Slaves, see also https://www.kde.org/info/security/advisory-20141113-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora Update for kde-runtime FEDORA-2014-15532
Check the version of kde-runtime SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868520";...
Updated kdebase4-runtime and kwebkitpart packages fix security vulnerability
kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly allowing to some javascript being executed on the context of the referenced hostname CVE-2014-8600...
MGASA-2014-0478 Updated kdebase4-runtime and kwebkitpart packages fix security vulnerability
kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly allowing to some javascript being executed on the context of the referenced hostname CVE-2014-8600...
IO Slaves KDE Insufficient Input Validation
Vulnerability title: Insufficient Input Validation By IO Slaves In KDE e.V. KDE CVE: CVE-2014-8600 Vendor: KDE e.V. Product: KDE Affected version: kwebkitpart alert"$proto"+document.domain;" done Further details at:...