Launchpad.net

CVE 2007-3820

konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.

Related bugs and status

CVE-2007-3820 (Candidate) is related to these bugs:

Bug #146870: konqueror URL bar spoofing

Summary				In	Importance	Status
	146870	konqueror URL bar spoofing		kdebase (Ubuntu)	Medium	Fix Released
	146870	konqueror URL bar spoofing		kdelibs (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://alt.swiecki.net...
BID: 24912
BID: 24918
SECTRACK: 1018396
SECUNIA: 26091
CONFIRM: http://www.kde.org/inf...
SREASON: 2905
UBUNTU: USN-502-1
SECUNIA: 26612
SECUNIA: 26720
FEDORA: FEDORA-2007-2361
REDHAT: RHSA-2007:0905
REDHAT: RHSA-2007:0909
SECUNIA: 27089
SECUNIA: 27106
SECUNIA: 27108
FEDORA: FEDORA-2007-716
SECUNIA: 27090
SECUNIA: 27096
MANDRIVA: MDKSA-2007:176
VUPEN: ADV-2007-2538
OSVDB: 37242
XF: opera-konqueror-addres...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20070713 Opera/Konquer...
BUGTRAQ: 20070714 Re: Opera/Kon...