123 matches found
EUVD-2008-0309
Malware in sbrugna...
SUSE CVE-2005-4504
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag...
SUSE CVE-2012-4515
Use-after-free vulnerability in khtml/rendering/renderreplaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated...
SUSE: Security Advisory (SUSE-SU-2013:1559-1)
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Cross-site Scripting (XSS)
kdelibs is vulnerable to cross-site scripting (XSS). The vulnerability stems from a flaw in the way KHTML, the HTML layout engine used by KDE applications such as the Konqueror web browser, displayed certain error pages. A remote attacker could use this flaw to perform a cross-site scripti...
Fedora Update for kf5-khtml FEDORA-2016-cef912e3a4
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Fedora Update for kf5-khtml FEDORA-2016-4701636a74
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
openSUSE Security Update : kdelibs4 (openSUSE-SU-2014:0981-1)
KDE4 Libraries and Workspace received a security fix for a race condition in DBUS/Polkit authorization, where local attackers could potentially call root KDE services without proper authentication (CVE-2014-5033). Additionally, an interlaced GIF display bug in KHTML was fixed (kde330148). This updat...
Apple Safari <= 2.0.4 KHTML WebKit Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27261/info Apple Safari is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Apple Safari 2 running on Mac OS X i...
SuSE 11.2 / 11.3 Security Update : kdelibs4 (SAT Patch Numbers 8401 / 8402)
This kdelibs4 update fixes several security issues related to khtml/konqueror. - Fix security issues and NULL pointer references in khtml/konqueror (bnc787520, CVE-2012-4512 / CVE-2012-4513 / CVE-2012-4515). (C) Tenable Network Security, Inc. The descriptive text and package checks ...
Oracle Linux 5 : kdelibs (ELSA-2009-1127)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1127 advisory. - Resolves: 505621, CVE-2009-1687, integer overflow in KJS JavaScript garbage collector CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style...
CVE-2012-4515
Use-after-free vulnerability in khtml/rendering/renderreplaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated...
CVE-2012-4513
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read...
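Apple Safari 5.1.2 Plugin Unloading Remote Code Execution Vulnerability
BUGTRAQ ID: 52325 CVE ID: CVE-2011-3845 Safari is the browser in Mac OS X, Apple Computer's latest operating system, and uses KDE's KHTML as the browser's core engine. Apple Safari's implementation contains a remote code execution vulnerability; a remote attacker can exploit it to execute arbitrary code in the affected application. 0 Apple Safari 5.1.2 7534.52.7 For Windows Vendor patch: Apple ----- The vendor has not yet provided a patch or upgrade; users of this software are advised to watch the vendor's home page for the latest version: http://support.apple.com/...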
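Apple Safari Cached Object History Enumeration Vulnerability
CVE ID: CVE-2011-4692 Safari is the browser in Mac OS X, Apple Computer's latest operating system, and uses KDE's KHTML as the browser's core engine. Apple Safari contains an error in its handling of cached objects that a malicious user can exploit to enumerate visited sites, disclosing sensitive information. 0 Apple Safari 5.x Vendor patch: Apple ----- The vendor has not yet provided a patch or upgrade; users of this software are advised to watch the vendor's home page for the latest version: http://support.apple.com/...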
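Apple Safari "libxml" Remote Code Execution Vulnerability
BUGTRAQ ID: 48832 CVE ID: CVE-2011-0216 Safari is the browser in Mac OS X, Apple Computer's latest operating system, and uses KDE's KHTML as the browser's core engine. Versions of Safari before 5.0.6 contain a single-byte overflow vulnerability in the libxml implementation; an attacker can exploit it to execute arbitrary code in the affected application or cause a denial of service. Apple Safari 5.x Apple Safari 4.x Apple TV 4.3 Apple TV 4.2 Apple TV 4.1 Apple TV 4.0 Apple TV 2.1 Apple TV 1.0 Apple iOS 4.x Vendor patch...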
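Apple Safari safari-extension:// URL Handling Traversal Remote Code Execution Vulnerability
CVE ID: CVE-2011-3229 Safari is the browser in Mac OS X, Apple Computer's latest operating system, and uses KDE's KHTML as the browser's core engine. Safari has a directory traversal issue when handling safari-extension:// URLs; visiting a malicious website can lead to execution of arbitrary Javascript code. Apple Mac OS X 10.6.8 Apple Mac OS X Server v10.6.8 Microsoft Vista Microsoft Windows 7 Apple OS X Lion 10.7.2 Apple OS X Lion Server 10.7.2 Vendor patch:...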
Apple Safari WebKit Private Browsing Mode Cookie Restriction Bypass Vulnerability
CVE ID: CVE-2011-3242 Safari is the browser in Mac OS X, Apple Computer's latest operating system, and uses KDE's KHTML as the browser's core engine. Safari has a logic error in its handling of cookies in Private Browsing mode: cookies are set even when "Block cookies" is set to "Always". Apple Mac OS X 10.6.8 Apple Mac OS X Server v10.6.8 Apple OS X Lion 10.7.2 Apple OS X Lion Server 10.7.2 Vendor patch: Apple -----...
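Apple Safari file:// URL Remote Code Execution Vulnerability
CVE ID: CVE-2011-3230 Safari is the browser in Mac OS X, Apple Computer's latest operating system, and uses KDE's KHTML as the browser's core engine. Safari has a policy issue when handling file:// URLs; visiting a malicious website can lead to arbitrary code execution. This vulnerability does not affect Windows systems. Apple Mac OS X 10.6.8 Apple Mac OS X Server v10.6.8 Vendor patch: Apple ----- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://support.apple.com/...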
Multiple Security Vulnerabilities in Apple Safari Versions Before 5.1 and 5.0.6
BUGTRAQ ID: 48808 CVE ID: CVE-2011-0218,CVE-2011-0221,CVE-2011-0222,CVE-2011-0225,CVE-2011-0232,CVE-2011-0233,CVE-2011-0234,CVE-2011-0235,CVE-2011-0237,CVE-2011-0238,CVE-2011-0240,CVE-2011-0253,CVE-2011-0254,CVE-2011-0255,CVE-2011-1288,CVE-2011-1453,CVE-2011-1457,CVE-2011-1462,CVE-2011-1797...