12 matches found
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value...
Mageia: Security Advisory (MGASA-2018-0476)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value...
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value...
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value...
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value...
CVE-2018-19516
CVE-2018-19516 affects KDE Applications’ messagelib (messagepartthemes/default/defaultrenderer.cpp) prior to version 18.12.0, where http-equiv=REFRESH handling is not properly restricted, potentially allowing data access bypass. Public records in NVD confirm the issue and indicate downstream patc...
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value...
openSUSE Security Update : messagelib (openSUSE-2018-1508)
This update for messagelib fixes the following issues : The following security vulnerability was addressed : - CVE-2018-19516: Fix a potential issue with opening messages in a new browser window when displaying mails as HTML boo1117958. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
openSUSE: Security Advisory for messagelib (openSUSE-SU-2018:4029-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for messagelib (low)
This update for messagelib fixes the following issues: The following security vulnerability was addressed: - CVE-2018-19516: Fix a potential issue with opening messages in a new browser window when displaying mails as HTML boo1117958...
Updated messagelib packages fix security vulnerability
Some HTML emails can trick messagelib into opening a new browser window when displaying said email as HTML. This happens even if the option to allow the HTML emails to access remote servers is disabled in KMail settings. This means that the owners of the servers referred in the email can see in...