Package: konqueror Version: 4:3.2.2-1 Severity: grave Tags: security upstream sid
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 : +-----------------------------------------------------------------------------+ | Name | CAN-2004-0721 (under review) | |-------------+---------------------------------------------------------------| | | Konqueror 3.1.3, 3.2.2, and possibly other versions does not | | | properly prevent a frame in one domain from injecting content | | Description | into a frame that belongs to another domain,m which | | | facilitates web site spoofing and other attacks, aka the | | | frame injection vulnerability. | |-------------+---------------------------------------------------------------| | | * MISC:http://secunia.com/advisories/11978 | | References | * MISC:http://secunia.com/ | | | multiple_browsers_frame_injection_vulnerability_test/ | |-------------+---------------------------------------------------------------| | Phase | Assigned (20040722) | |-------------+---------------------------------------------------------------| -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (800, 'unstable'), (750, 'experimental'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.27-rc3 Locale: LANG=C, LC_CTYPE=en_US.ISO8859-1 -- Obsig: developing a new sig
