CVE-2007-4225
published 2007-08-08CVE-2007-4225: Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace…
PriorityP429medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.96%
77.8th percentile
Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kde | konqueror | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rm3p-fh82-w8mf: Visual truncation vulnerability in KDE Konqueror 3
ghsa_unreviewed·2022-05-01
CVE-2007-4225 [MEDIUM] GHSA-rm3p-fh82-w8mf: Visual truncation vulnerability in KDE Konqueror 3
Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.
Ubuntu
KDE vulnerabilities
vendor_ubuntu·2007-08-26
CVE-2007-3820 KDE vulnerabilities
Title: KDE vulnerabilities
Summary: KDE vulnerabilities
It was discovered that Konqueror could be tricked into displaying
incorrect URLs. Remote attackers could exploit this to increase their
chances of tricking a user into visiting a phishing URL, which could
lead to credential theft.
Instructions: After a standard system upgrade you need to restart your session to
effect the necessary changes.
Red Hat
CVE-2007-4225: Visual truncation vulnerability in KDE Konqueror 3
vendor_redhat·CVSS 6.8
CVE-2007-4225 [MEDIUM] CVE-2007-4225: Visual truncation vulnerability in KDE Konqueror 3
Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.
Statement: Not vulnerable. Not vulnerable. These issues did not affect the versions of konqueror as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2007-4224 URL spoof in address bar
bugzilla·2007-08-10·CVSS 2.6
CVE-2007-4224 [LOW] CVE-2007-4224 URL spoof in address bar
CVE-2007-4224 URL spoof in address bar
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4224
to the following vulnerability:
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property.
References:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065101.html
Discussion:
KDE security advisory targeting CVE-2007-3820, CVE-2007-4224 and CVE-2007-4225
with references to official upstream patches:
http://www.kde.org/info/security/advisory-20070816-1.txt
---
this is a low severity flaw which does not trigger the need for a security
update to kde. We will fix this issue when other issues of higher severity
trigger a kde security update.
Bugzilla
CVE-2007-3820 Spoofing of URI possible in Konqueror's address bar
bugzilla·2007-07-17·CVSS 2.6
CVE-2007-3820 [LOW] CVE-2007-3820 Spoofing of URI possible in Konqueror's address bar
CVE-2007-3820 Spoofing of URI possible in Konqueror's address bar
Description of problem:
An URI that appears in the address bar is scrolled to the right,
and thus a long URI padded with whitespace can be used to trick
user.
Version-Release number of selected component (if applicable):
CVE-2007-3820 Probably Affects: RHEL2.1
CVE-2007-3820 Probably Affects: RHEL3
CVE-2007-3820 Affects: RHEL4
CVE-2007-3820 Affects: RHEL5
CVE-2007-3820 Affects: FC6
CVE-2007-3820 Affects: FC7
Steps to Reproduce:
1. Visit http://alt.swiecki.net/oper1.html
tp://alt.swiecki.net/oper1.html with konqueror
Actual results:
http://alt.swiecki.net/konq.png
Additional info:
An data: URI (with inline HTML) can contain real spaces, not just %20.
Discussion:
Created attachment 159428
Upstream patch for CVE-2007
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065101.htmlhttp://secunia.com/advisories/26351http://secunia.com/advisories/26612http://secunia.com/advisories/26690http://secunia.com/advisories/26720http://secunia.com/advisories/27089http://secunia.com/advisories/27096http://securityreason.com/securityalert/2982http://securitytracker.com/id?1018579http://www.kde.org/info/security/advisory-20070816-1.txthttp://www.mandriva.com/security/advisories?name=MDKSA-2007:176http://www.ubuntu.com/usn/usn-502-1http://www.vupen.com/english/advisories/2007/2807https://exchange.xforce.ibmcloud.com/vulnerabilities/35829https://issues.rpath.com/browse/RPL-1615https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.htmlhttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.htmlhttp://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065101.htmlhttp://secunia.com/advisories/26351http://secunia.com/advisories/26612http://secunia.com/advisories/26690http://secunia.com/advisories/26720http://secunia.com/advisories/27089http://secunia.com/advisories/27096http://securityreason.com/securityalert/2982http://securitytracker.com/id?1018579http://www.kde.org/info/security/advisory-20070816-1.txthttp://www.mandriva.com/security/advisories?name=MDKSA-2007:176http://www.ubuntu.com/usn/usn-502-1http://www.vupen.com/english/advisories/2007/2807https://exchange.xforce.ibmcloud.com/vulnerabilities/35829https://issues.rpath.com/browse/RPL-1615https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.htmlhttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html
2007-08-08
Published