Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1168

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1168
Last Modified 20 Feb 2014 11:40:57
Published 18 Apr 2011 02:55:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1168

Summary

Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.

Vulnerable Systems

Application

  • Kde Sc 4.4.0

  • Kde Sc 4.4.1

  • Kde Sc 4.4.2

  • Kde Sc 4.4.3

  • Kde Sc 4.4.4

  • Kde Sc 4.4.5

  • Kde Sc 4.5.0

  • Kde Sc 4.5.1

  • Kde Sc 4.5.2

  • Kde Sc 4.5.3

  • Kde Sc 4.5.4

  • Kde Sc 4.5.5

  • Kde Sc 4.6

  • Kde Sc 4.6.0

  • Kde Sc 4.6.1


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=695398

XF - konqueror-khtmlparthtmlerror-xss(66697)

VUPEN - ADV-2011-0990

VUPEN - ADV-2011-0928

VUPEN - ADV-2011-0927

UBUNTU - USN-1110-1

BID - 47304

BUGTRAQ - 20110412 Re: [Full-disclosure] Medium severity flaw in Konqueror

BUGTRAQ - 20110411 Medium severity flaw in Konqueror

MISC - http://www.nth-dimension.org.uk/pub/NDSA20110321.txt.asc

MANDRIVA - MDVSA-2011:075

CONFIRM - http://www.kde.org/info/security/advisory-20110411-1.txt

SLACKWARE - SSA:2011-101-02

SECTRACK - 1025322

SREASON - 8208

SECUNIA - 44108

SECUNIA - 44065

SUSE - SUSE-SR:2011:009


Last Updated: 27 May 2016 10:56:44