FreeBSD : kdelibs4, rekonq -- input validation failure (6d21a287-fce0-11e0-a828-00235a5f2c9a)

KDE Security Advisory reports : The default rendering type for a QLabel is QLabel::AutoText, which uses heuristics to determine whether to render the given content as plain text or rich text. KSSL and Rekonq did not properly force its QLabels to use QLabel::PlainText. As a result, if given a...

Low severity flaw in various applications including KSSL, Rekonq, Arora, Psi IM

I recently discovered that various Qt applications including KSSL the KDE class library responsible for SSL negotiation, Rekonq, Arora and Psi IM are vulnerable to UI spoofing due to their use of QLabel objects to render externally controlled security critical information. The primary area of...

UI spoofing in different QT applications

Using Qt QLabel class to display security critical information allows interface spoofing...

kdelibs4, rekonq -- input validation failure

KDE Security Advisory reports: The default rendering type for a QLabel is QLabel::AutoText, which uses heuristics to determine whether to render the given content as plain text or rich text. KSSL and Rekonq did not properly force its QLabels to use QLabel::PlainText. As a result, if given a...