what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2011-1168

Status Candidate

Overview

Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.

Related Files

Mandriva Linux Security Advisory 2011-075
Posted Apr 20, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-075 - Cross-site scripting vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.

tags | advisory, remote, web, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2011-1168
SHA-256 | 079730e3c28d1b312e002a75f6f6793e0129c7350c4b27aed7eb0354e4b43a6f
Ubuntu Security Notice USN-1110-1
Posted Apr 15, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1110-1 - It was discovered that KDE KSSL did not properly verify X.509 certificates when the certificate was issued for an IP address. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Tim Brown discovered that KDE KHTML did not properly escape URLs from externally generated error pages. An attacker could exploit this to conduct cross-site scripting attacks. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain.

tags | advisory, remote, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2011-1094, CVE-2011-1168
SHA-256 | e78defb86c69f2ca1bbb9d91a5cec00811d513de3ef5cdfff2e34ffe7feee4cf
Konqueror 4.4.x / 4.5.x / 4.6.x HTML Injection
Posted Apr 12, 2011
Authored by Tim Brown | Site nth-dimension.org.uk

Nth Dimension Security Advisory (NDSA20110321) - Konqueror versions 4.4.x, 4.5.x, and 4.6.x suffer from an HTML injection vulnerability.

tags | exploit
advisories | CVE-2011-1168
SHA-256 | 14701c32ce4712f4d97a1de84cde5b129f9c273f5594ab66798fa5bbe15018db
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close