22 matches found
EUVD-2014-8437
Malware in sbrugna...
EUVD-2009-4938
Malware in sbrugna...
SUSE CVE-2009-4976
Cross-site scripting XSS vulnerability in webkitpart.cpp in kwebkitpart allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536...
Mageia: Security Advisory (MGASA-2014-0478)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kwebkitpart FEDORA-2014-15150
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-8600
Multiple cross-site scripting XSS vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the 1 zip, 2 trash, 3 tar, 4 thumbnail, 5 smtps, 6 smtp, 7 smb...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the 1 zip, 2 trash, 3 tar, 4 thumbnail, 5 smtps, 6 smtp, 7 smb...
CVE-2014-8600
Removed by vendor...
CVE-2014-8600
CVE-2014-8600 covers multiple XSS vulnerabilities in KDE components: KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier. The issue arises from improper handling of URIs in an error message, allowing an attacker to inject arbitrary web script or HTML vi...
Fedora Update for kwebkitpart FEDORA-2014-15124
Check the version of kwebkitpart SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868563";...
[SECURITY] Fedora 19 Update: kwebkitpart-1.3.4-5.fc19
KWebKitPart is a web browser component for KDE KPart based on QtWebKit. You can use it for example for browsing the web in Konqueror...
[SECURITY] Fedora 20 Update: kwebkitpart-1.3.4-5.fc20
KWebKitPart is a web browser component for KDE KPart based on QtWebKit. You can use it for example for browsing the web in Konqueror...
Fedora Update for kwebkitpart FEDORA-2014-15130
Check the version of kwebkitpart SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868556";...
Fedora 20 : kwebkitpart-1.3.4-5.fc20 (2014-15130)
Sanitize input to disallow JavaScript being executed in the context of the referenced hostname. See also https://www.kde.org/info/security/advisory-20141113-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...
[SECURITY] Fedora 21 Update: kwebkitpart-1.3.4-5.fc21
KWebKitPart is a web browser component for KDE KPart based on QtWebKit. You can use it for example for browsing the web in Konqueror...
Updated kdebase4-runtime and kwebkitpart packages fix security vulnerability
kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly allowing to some javascript being executed on the context of the referenced hostname CVE-2014-8600...
MGASA-2014-0478 Updated kdebase4-runtime and kwebkitpart packages fix security vulnerability
kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly allowing to some javascript being executed on the context of the referenced hostname CVE-2014-8600...
FreeBSD : kwebkitpart, kde-runtime -- insufficient input validation (890b6b22-70fa-11e4-91ae-5453ed2e2b49)
Albert Aastals Cid reports : kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly allowing to some JavaScript being executed on the context of the referenced hostname. Whilst in most cases, the JavaScript will be executed in an untrusted context, with the bookmarks IO...
CVE-2014-8600
Multiple cross-site scripting XSS vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the 1 zip, 2 trash, 3 tar, 4 thumbnail, 5 smtps, 6 smtp, 7 smb...
CVE-2009-4976
Cross-site scripting XSS vulnerability in webkitpart.cpp in kwebkitpart allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536...