ID

VAR-200701-0295


CVE

CVE-2007-0537


TITLE

KDE kdelibs Cross-site scripting vulnerability due to title tag

Trust: 0.8

sources: JVNDB: JVNDB-2007-000221

DESCRIPTION

The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478. As a result, authentication information may be leaked.

Konqueror is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data. Exploiting this issue may help the attacker steal cookie-based authentication credentials and launch other attacks. All versions of KDE up to and including KDE 3.5.6 are vulnerable to this issue. Apple Safari web browser is also vulnerable to this issue.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200703-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Low
     Title: KHTML: Cross-site scripting (XSS) vulnerability
      Date: March 10, 2007
      Bugs: #165606
        ID: 200703-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

The KHTML component shipped with the KDE libraries is prone to a cross-site scripting (XSS) vulnerability.

Background
==========

KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. KHTML is the HTML interpreter used in Konqueror and other parts of KDE.

Affected packages
=================

    -------------------------------------------------------------------
     Package           /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
  1  kde-base/kdelibs     < 3.5.5-r8                       >= 3.5.5-r8

Description
===========

The KHTML code allows for the execution of JavaScript code located inside the "Title" HTML element, a related issue to the Safari error found by Jose Avila.

Impact
======

When viewing a HTML page that renders unsanitized attacker-supplied input in the page title, Konqueror and other parts of KDE will execute arbitrary JavaScript code contained in the page title, allowing for the theft of browser session data or cookies.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All KDElibs users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=kde-base/kdelibs-3.5.5-r8"

References
==========

  [ 1 ] CVE-2007-0537
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0537
  [ 2 ] CVE-2007-0478
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0478

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200703-10.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

===========================================================
Ubuntu Security Notice USN-420-1          February 06, 2007
kdelibs vulnerability
CVE-2007-0537
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 5.10:
  kdelibs4c2     4:3.4.3-0ubuntu2.2

Ubuntu 6.06 LTS:
  kdelibs4c2a    4:3.5.2-0ubuntu18.2

Ubuntu 6.10:
  kdelibs4c2a    4:3.5.5-0ubuntu3.1

After a standard system upgrade you need to restart your session to effect the necessary changes.

By tricking a Konqueror user into visiting a malicious website, an attacker could bypass cross-site scripting protections.

Also affects kdelibs 3.5.6, as per KDE official advisory.

Updated packages have been patched to prevent this.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0537
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>

Trust: 2.52

sources: NVD: CVE-2007-0537 // JVNDB: JVNDB-2007-000221 // BID: 22428 // BID: 23020 // PACKETSTORM: 55049 // PACKETSTORM: 54183 // PACKETSTORM: 54252 // PACKETSTORM: 58491

AFFECTED PRODUCTS

vendor: kde | model: konqueror | scope: eq | version: 3.5.5

Trust: 2.4

vendor: kde | model: kde | scope: lte | version: 3.5.6

Trust: 0.8

vendor: cybertrust | model: asianux server | scope: eq | version: 3 (x86)

Trust: 0.8

vendor: cybertrust | model: asianux server | scope: eq | version: 3 (x86-64)

Trust: 0.8

vendor: cybertrust | model: asianux server | scope: eq | version: 4.0

Trust: 0.8

vendor: cybertrust | model: asianux server | scope: eq | version: 4.0 (x86-64)

Trust: 0.8

vendor: turbo linux | model: turbolinux | scope: eq | version: 10_f

Trust: 0.8

vendor: turbo linux | model: turbolinux desktop | scope: eq | version: 10

Trust: 0.8

vendor: turbo linux | model: turbolinux fuji | scope: - | version: -

Trust: 0.8

vendor: turbo linux | model: turbolinux multimedia | scope: - | version: -

Trust: 0.8

vendor: turbo linux | model: turbolinux personal | scope: - | version: -

Trust: 0.8

vendor: turbo linux | model: turbolinux server | scope: eq | version: 10

Trust: 0.8

vendor: turbo linux | model: turbolinux server | scope: eq | version: 10 (x64)

Trust: 0.8

vendor: turbo linux | model: home | scope: - | version: -

Trust: 0.8

vendor: red hat | model: enterprise linux | scope: eq | version: 4 (as)

Trust: 0.8

vendor: red hat | model: enterprise linux | scope: eq | version: 4 (es)

Trust: 0.8

vendor: red hat | model: enterprise linux | scope: eq | version: 4 (ws)

Trust: 0.8

vendor: red hat | model: enterprise linux | scope: eq | version: 5 (server)

Trust: 0.8

vendor: red hat | model: enterprise linux desktop | scope: eq | version: 4.0

Trust: 0.8

vendor: red hat | model: enterprise linux desktop | scope: eq | version: 5.0 (client)

Trust: 0.8

vendor: red hat | model: rhel desktop workstation | scope: eq | version: 5 (client)

Trust: 0.8

vendor: ubuntu | model: linux sparc | scope: eq | version: 5.10

Trust: 0.3

vendor: ubuntu | model: linux powerpc | scope: eq | version: 5.10

Trust: 0.3

vendor: ubuntu | model: linux i386 | scope: eq | version: 5.10

Trust: 0.3

vendor: ubuntu | model: linux amd64 | scope: eq | version: 5.10

Trust: 0.3

vendor: ubuntu | model: linux sparc | scope: eq | version: 6.10

Trust: 0.3

vendor: ubuntu | model: linux powerpc | scope: eq | version: 6.10

Trust: 0.3

vendor: ubuntu | model: linux i386 | scope: eq | version: 6.10

Trust: 0.3

vendor: ubuntu | model: linux amd64 | scope: eq | version: 6.10

Trust: 0.3

vendor: ubuntu | model: linux lts sparc | scope: eq | version: 6.06

Trust: 0.3

vendor: ubuntu | model: linux lts powerpc | scope: eq | version: 6.06

Trust: 0.3

vendor: ubuntu | model: linux lts i386 | scope: eq | version: 6.06

Trust: 0.3

vendor: ubuntu | model: linux lts amd64 | scope: eq | version: 6.06

Trust: 0.3

vendor: turbolinux | model: server | scope: eq | version: 10.0

Trust: 0.3

vendor: turbolinux | model: server | scope: eq | version: 10.0.0x64

Trust: 0.3

vendor: turbolinux | model: desktop | scope: eq | version: 10.0

Trust: 0.3

vendor: turbolinux | model: fuji | scope: - | version: -

Trust: 0.3

vendor: turbolinux | model: f... | scope: eq | version: 10

Trust: 0.3

vendor: turbolinux | model: home | scope: - | version: -

Trust: 0.3

vendor: turbolinux | model: fuji | scope: eq | version: 0

Trust: 0.3

vendor: suse | model: linux enterprise server sdk | scope: eq | version: 9

Trust: 0.3

vendor: suse | model: linux enterprise server sp3 | scope: eq | version: 9

Trust: 0.3

vendor: suse | model: linux enterprise server | scope: eq | version: 9

Trust: 0.3

vendor: suse | model: linux enterprise server | scope: eq | version: 10

Trust: 0.3

vendor: suse | model: linux enterprise sdk | scope: eq | version: 9

Trust: 0.3

vendor: suse | model: linux enterprise sdk | scope: eq | version: 10

Trust: 0.3

vendor: suse | model: linux enterprise desktop | scope: eq | version: 10

Trust: 0.3

vendor: suse | model: linux professional x86 64 | scope: eq | version: 10.2

Trust: 0.3

vendor: suse | model: linux personal x86 64 | scope: eq | version: 10.2

Trust: 0.3

vendor: s u s e | model: unitedlinux | scope: eq | version: 1.0

Trust: 0.3

vendor: s u s e | model: suse linux standard server | scope: eq | version: 8.0

Trust: 0.3

vendor: s u s e | model: suse linux school server for i386 | scope: - | version: -

Trust: 0.3

vendor: s u s e | model: suse linux retail solution | scope: eq | version: 8.0

Trust: 0.3

vendor: s u s e | model: suse linux openexchange server | scope: eq | version: 4.0

Trust: 0.3

vendor: s u s e | model: suse linux open-xchange | scope: eq | version: 4.1

Trust: 0.3

vendor: s u s e | model: suse core for | scope: eq | version: 9x86

Trust: 0.3

vendor: s u s e | model: opensuse | scope: eq | version: 10.2

Trust: 0.3

vendor: s u s e | model: open-enterprise-server | scope: eq | version: 9.0

Trust: 0.3

vendor: s u s e | model: open-enterprise-server | scope: eq | version: 1

Trust: 0.3

vendor: s u s e | model: open-enterprise-server | scope: eq | version: 0

Trust: 0.3

vendor: s u s e | model: office server | scope: - | version: -

Trust: 0.3

vendor: s u s e | model: novell linux pos | scope: eq | version: 9

Trust: 0.3

vendor: s u s e | model: novell linux desktop | scope: eq | version: 9.0

Trust: 0.3

vendor: s u s e | model: novell linux desktop | scope: eq | version: 1.0

Trust: 0.3

vendor: s u s e | model: linux professional oss | scope: eq | version: 10.0

Trust: 0.3

vendor: s u s e | model: linux professional | scope: eq | version: 10.0

Trust: 0.3

vendor: s u s e | model: linux professional | scope: eq | version: 10.2

Trust: 0.3

vendor: s u s e | model: linux professional | scope: eq | version: 10.1

Trust: 0.3

vendor: s u s e | model: linux personal oss | scope: eq | version: 10.0

Trust: 0.3

vendor: s u s e | model: linux personal | scope: eq | version: 10.2

Trust: 0.3

vendor: s u s e | model: linux personal | scope: eq | version: 10.1

Trust: 0.3

vendor: s u s e | model: linux openexchange server | scope: - | version: -

Trust: 0.3

vendor: s u s e | model: linux office server | scope: - | version: -

Trust: 0.3

vendor: s u s e | model: linux enterprise server for s/390 | scope: eq | version: 9.0

Trust: 0.3

vendor: s u s e | model: linux enterprise server for s/390 | scope: - | version: -

Trust: 0.3

vendor: s u s e | model: linux desktop | scope: eq | version: 1.0

Trust: 0.3

vendor: s u s e | model: linux desktop | scope: eq | version: 10

Trust: 0.3

vendor: s u s e | model: linux database server | scope: eq | version: 0

Trust: 0.3

vendor: s u s e | model: linux | scope: eq | version: 10.1x86-64

Trust: 0.3

vendor: s u s e | model: linux | scope: eq | version: 10.1x86

Trust: 0.3

vendor: s u s e | model: linux ppc | scope: eq | version: 10.1

Trust: 0.3

vendor: s u s e | model: linux | scope: eq | version: 10.0x86-64

Trust: 0.3

vendor: s u s e | model: linux | scope: eq | version: 10.0x86

Trust: 0.3

vendor: s u s e | model: linux ppc | scope: eq | version: 10.0

Trust: 0.3

vendor: rpath | model: linux | scope: eq | version: 1

Trust: 0.3

vendor: pardus | model: linux | scope: eq | version: 2007.1

Trust: 0.3

vendor: mandriva | model: linux mandrake x86 64 | scope: eq | version: 2007.1

Trust: 0.3

vendor: mandriva | model: linux mandrake | scope: eq | version: 2007.1

Trust: 0.3

vendor: mandriva | model: linux mandrake x86 64 | scope: eq | version: 2007.0

Trust: 0.3

vendor: mandriva | model: linux mandrake | scope: eq | version: 2007.0

Trust: 0.3

vendor: mandrakesoft | model: corporate server x86 64 | scope: eq | version: 4.0

Trust: 0.3

vendor: mandrakesoft | model: corporate server x86 64 | scope: eq | version: 3.0

Trust: 0.3

vendor: mandrakesoft | model: corporate server | scope: eq | version: 3.0

Trust: 0.3

vendor: mandrakesoft | model: corporate server | scope: eq | version: 4.0

Trust: 0.3

vendor: kde | model: libkhtml | scope: eq | version: 4.2

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.5.2

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.5.1

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.3.2

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.3.1

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.3

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.2.3

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.2.2-6

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.2.1

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.1.5

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.1.4

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.1.3

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.1.2

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.1.1

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.1

Trust: 0.3

vendor: kde | model: konqueror b | scope: eq | version: 3.0.5

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.0.5

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.0.3

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.0.2

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.0.1

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 3.0

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 2.2.2

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 2.2.1

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 2.1.2

Trust: 0.3

vendor: kde | model: konqueror | scope: eq | version: 2.1.1

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.5.4

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.5.2

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.4.3

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.4.2

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.4

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.3.2

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.3.1

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.3

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.2.2

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.2.1

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.2

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.1.5

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.1.4

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.1.3

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.1.2

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.1.1

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.1

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 3.0

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 2.1.2

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 2.1.1

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 2.1

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 2.0.1

Trust: 0.3

vendor: kde | model: kdelibs | scope: eq | version: 2.0

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.5.6

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.5.5

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.5.4

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.5.3

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.5.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.5.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.5

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.4.3

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.4.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.4.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.4

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.3.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.3.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.3

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.2.3

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.2.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.2.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.1.5

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.1.4

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.1.3

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.1.2

Trust: 0.3

vendor: kde | model: a | scope: eq | version: 3.1.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.1.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.1

Trust: 0.3

vendor: kde | model: b | scope: eq | version: 3.0.5

Trust: 0.3

vendor: kde | model: a | scope: eq | version: 3.0.5

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.0.5

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.0.4

Trust: 0.3

vendor: kde | model: a | scope: eq | version: 3.0.3

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.0.3

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.0.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.0.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 3.0

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 2.2.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 2.2.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 2.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 2.1.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 2.1.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 2.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 2.0.1

Trust: 0.3

vendor: kde | model: beta | scope: eq | version: 2.0

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 2.0

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 1.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 1.1.2

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 1.1.1

Trust: 0.3

vendor: kde | model: kde | scope: eq | version: 1.1

Trust: 0.3

vendor: gentoo | model: linux | scope: - | version: -

Trust: 0.3

vendor: apple | model: safari rss pre-release | scope: eq | version: 2.0

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 2.0.4

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 2.0.3

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 2.0.2

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 2.0.1

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 1.3.1

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 1.3

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 1.2.3

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 1.2.2

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 1.2.1

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 1.2

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 1.1

Trust: 0.3

vendor: apple | model: safari | scope: eq | version: 1.0

Trust: 0.3

vendor: apple | model: safari beta | scope: eq | version: 2

Trust: 0.3

vendor: apple | model: mobile safari | scope: eq | version: 0

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4.10

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4.9

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4.8

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4.7

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4.6

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4.5

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4.4

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4.3

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4.2

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4.1

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.4

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.3.9

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.3.8

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.3.7

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.3.6

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.3.5

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.3.4

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.3.3

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.3.2

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.3.1

Trust: 0.3

vendor: apple | model: mac os server | scope: eq | version: x10.3

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4.10

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4.9

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4.8

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4.7

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4.6

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4.5

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4.4

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4.3

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4.2

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4.1

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.4

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.3.9

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.3.8

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.3.7

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.3.6

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.3.5

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.3.4

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.3.3

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.3.2

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.3.1

Trust: 0.3

vendor: apple | model: mac os | scope: eq | version: x10.3

Trust: 0.3

vendor: fujitsu // model: interstage studio standard-j edition // scope: eq // version: 8.0.1

Trust: 0.3

vendor: fujitsu // model: interstage studio enterprise edition // scope: eq // version: 8.0.1

Trust: 0.3

vendor: fujitsu // model: interstage job workload server // scope: eq // version: 8.1

Trust: 0.3

vendor: fujitsu // model: interstage business application server enterprise // scope: eq // version: 8.0.0

Trust: 0.3

vendor: fujitsu // model: interstage apworks modelers-j edition // scope: eq // version: 7.0

Trust: 0.3

vendor: fujitsu // model: interstage apworks modelers-j edition 6.0a // scope: - // version: -

Trust: 0.3

vendor: fujitsu // model: interstage apworks modelers-j edition // scope: eq // version: 6.0

Trust: 0.3

vendor: fujitsu // model: interstage application server web-j edition // scope: eq // version: 5.0

Trust: 0.3

vendor: fujitsu // model: interstage application server web-j edition // scope: eq // version: 4.0

Trust: 0.3

vendor: fujitsu // model: interstage application server standard-j edition // scope: eq // version: 8.0.2

Trust: 0.3

vendor: fujitsu // model: interstage application server standard edition // scope: eq // version: 7.0

Trust: 0.3

vendor: fujitsu // model: interstage application server standard edition // scope: eq // version: 5.0

Trust: 0.3

vendor: fujitsu // model: interstage application server standard edition // scope: eq // version: 4.0

Trust: 0.3

vendor: fujitsu // model: interstage application server standard edition // scope: eq // version: 3.0

Trust: 0.3

vendor: fujitsu // model: interstage application server plus // scope: eq // version: 7.0

Trust: 0.3

vendor: fujitsu // model: interstage application server enterprise edition // scope: eq // version: 8.0.2

Trust: 0.3

vendor: fujitsu // model: interstage application server enterprise edition // scope: eq // version: 8.0

Trust: 0.3

vendor: fujitsu // model: interstage application server enterprise edition // scope: eq // version: 7.0.1

Trust: 0.3

vendor: fujitsu // model: interstage application server enterprise edition // scope: eq // version: 5.0.1

Trust: 0.3

vendor: fujitsu // model: interstage application server enterprise edition // scope: eq // version: 7.0

Trust: 0.3

vendor: fujitsu // model: interstage application server enterprise edition // scope: eq // version: 6.0

Trust: 0.3

vendor: fujitsu // model: interstage application server enterprise edition // scope: eq // version: 5.0

Trust: 0.3

vendor: fujitsu // model: interstage application server enterprise edition // scope: eq // version: 4.0

Trust: 0.3

vendor: fujitsu // model: interstage application server enterprise edition // scope: eq // version: 3.0

Trust: 0.3

sources: BID: 22428 // BID: 23020 // JVNDB: JVNDB-2007-000221 // CNNVD: CNNVD-200701-477 // NVD: CVE-2007-0537

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-0537
value: LOW

Trust: 1.0

NVD: CVE-2007-0537
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200701-477
value: LOW

Trust: 0.6

nvd@nist.gov: CVE-2007-0537
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 4.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2007-0537
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

sources: JVNDB: JVNDB-2007-000221 // CNNVD: CNNVD-200701-477 // NVD: CVE-2007-0537

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.8

sources: JVNDB: JVNDB-2007-000221 // NVD: CVE-2007-0537

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 54183 // PACKETSTORM: 58491 // CNNVD: CNNVD-200701-477

TYPE

xss

Trust: 0.9

sources: PACKETSTORM: 54183 // PACKETSTORM: 54252 // PACKETSTORM: 58491 // CNNVD: CNNVD-200701-477

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-000221

PATCH

title: kdelibs-3.5.5-11.15AX // url: https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=48

Trust: 0.8

title: khtml/konqueror title XSS vulnerability // url: http://www.kde.org/info/security/advisory-20070206-1.txt

Trust: 0.8

title: kdelibs (V4.0) // url: http://www.miraclelinux.com/support/update/list.php?errata_id=1153

Trust: 0.8

title: RHSA-2007:0909 // url: https://rhn.redhat.com/errata/RHSA-2007-0909.html

Trust: 0.8

title: TLSA-2007-19 // url: http://www.turbolinux.com/security/2007/TLSA-2007-19.txt

Trust: 0.8

title: RHSA-2007:0909 // url: http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0909J.html

Trust: 0.8

title: TLSA-2007-19 // url: http://www.turbolinux.co.jp/security/2007/TLSA-2007-19j.txt

Trust: 0.8

sources: JVNDB: JVNDB-2007-000221

EXTERNAL IDS

db: NVD // id: CVE-2007-0537

Trust: 3.4

db: BID // id: 22428

Trust: 2.7

db: SECUNIA // id: 23932

Trust: 2.4

db: SECTRACK // id: 1017591

Trust: 2.4

db: SECUNIA // id: 24442

Trust: 1.6

db: SECUNIA // id: 24013

Trust: 1.6

db: SECUNIA // id: 24889

Trust: 1.6

db: SECUNIA // id: 24463

Trust: 1.6

db: SECUNIA // id: 27108

Trust: 1.6

db: SECUNIA // id: 24065

Trust: 1.6

db: OSVDB // id: 32975

Trust: 1.6

db: VUPEN // id: ADV-2007-0505

Trust: 1.6

db: JVNDB // id: JVNDB-2007-000221

Trust: 0.8

db: SUSE // id: SUSE-SR:2007:006

Trust: 0.6

db: REDHAT // id: RHSA-2007:0909

Trust: 0.6

db: MANDRIVA // id: MDKSA-2007:031

Trust: 0.6

db: MANDRIVA // id: MDKSA-2007:157

Trust: 0.6

db: BUGTRAQ // id: 20070124 RE: SAFARI IMPROPERLY PARSES HTML DOCUMENTS & BLOGSPOT XSS VULNERABILITY

Trust: 0.6

db: UBUNTU // id: USN-420-1

Trust: 0.6

db: GENTOO // id: GLSA-200703-10

Trust: 0.6

db: CNNVD // id: CNNVD-200701-477

Trust: 0.6

db: BID // id: 23020

Trust: 0.3

db: PACKETSTORM // id: 55049

Trust: 0.1

db: PACKETSTORM // id: 54183

Trust: 0.1

db: PACKETSTORM // id: 54252

Trust: 0.1

db: PACKETSTORM // id: 58491

Trust: 0.1

sources: BID: 22428 // BID: 23020 // JVNDB: JVNDB-2007-000221 // PACKETSTORM: 55049 // PACKETSTORM: 54183 // PACKETSTORM: 54252 // PACKETSTORM: 58491 // CNNVD: CNNVD-200701-477 // NVD: CVE-2007-0537

REFERENCES

url:http://secunia.com/advisories/23932

Trust: 2.4

url:http://www.securityfocus.com/bid/22428

Trust: 2.4

url:http://securitytracker.com/id?1017591

Trust: 2.4

url:http://www.kde.org/info/security/advisory-20070206-1.txt

Trust: 1.9

url:https://issues.rpath.com/browse/rpl-1117

Trust: 1.6

url:http://www.ubuntu.com/usn/usn-420-1

Trust: 1.6

url:http://www.redhat.com/support/errata/rhsa-2007-0909.html

Trust: 1.6

url:http://www.novell.com/linux/security/advisories/2007_6_sr.html

Trust: 1.6

url:http://www.mandriva.com/security/advisories?name=mdksa-2007:157

Trust: 1.6

url:http://www.mandriva.com/security/advisories?name=mdksa-2007:031

Trust: 1.6

url:http://www.gentoo.org/security/en/glsa/glsa-200703-10.xml

Trust: 1.6

url:http://secunia.com/advisories/27108

Trust: 1.6

url:http://secunia.com/advisories/24889

Trust: 1.6

url:http://secunia.com/advisories/24463

Trust: 1.6

url:http://secunia.com/advisories/24442

Trust: 1.6

url:http://secunia.com/advisories/24065

Trust: 1.6

url:http://secunia.com/advisories/24013

Trust: 1.6

url:http://osvdb.org/32975

Trust: 1.6

url:http://www.frsirt.com/english/advisories/2007/0505

Trust: 1.4

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0537

Trust: 1.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10244

Trust: 1.0

url:http://www.securityfocus.com/archive/1/457924/100/0/threaded

Trust: 1.0

url:http://www.vupen.com/english/advisories/2007/0505

Trust: 1.0

url:http://www.securityfocus.com/archive/1/archive/1/457924/100/0/threaded

Trust: 0.9

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-0537

Trust: 0.8

url:http://frontal2.mandriva.com/security/advisories?name=mdksa-2007:031

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2007-0537

Trust: 0.4

url:http://www.kde.org/

Trust: 0.3

url:http://www.konqueror.org/

Trust: 0.3

url:http://www.apple.com/safari/

Trust: 0.3

url:http://www.fujitsu.com/global/support/software/security/products-f/interstage-200701e.html

Trust: 0.3

url:http://jvn.jp/jp/jvn%2383832818/index.html

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2007-0478

Trust: 0.2

url:http://www.mandriva.com/security/

Trust: 0.2

url:http://www.mandriva.com/security/advisories

Trust: 0.2

url:http://bugs.gentoo.org.

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-200703-10.xml

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0478

Trust: 0.1

sources: BID: 22428 // BID: 23020 // JVNDB: JVNDB-2007-000221 // PACKETSTORM: 55049 // PACKETSTORM: 54183 // PACKETSTORM: 54252 // PACKETSTORM: 58491 // CNNVD: CNNVD-200701-477 // NVD: CVE-2007-0537

CREDITS

Apple

Trust: 0.6

sources: CNNVD: CNNVD-200701-477

SOURCES

db: BID // id: 22428
db: BID // id: 23020
db: JVNDB // id: JVNDB-2007-000221
db: PACKETSTORM // id: 55049
db: PACKETSTORM // id: 54183
db: PACKETSTORM // id: 54252
db: PACKETSTORM // id: 58491
db: CNNVD // id: CNNVD-200701-477
db: NVD // id: CVE-2007-0537

LAST UPDATE DATE

2024-11-23T19:52:41.930000+00:00


SOURCES UPDATE DATE

db: BID // id: 22428 // date: 2015-03-19T09:23:00
db: BID // id: 23020 // date: 2007-03-19T20:14:00
db: JVNDB // id: JVNDB-2007-000221 // date: 2007-12-05T00:00:00
db: CNNVD // id: CNNVD-200701-477 // date: 2007-06-27T00:00:00
db: NVD // id: CVE-2007-0537 // date: 2024-11-21T00:26:07.630

SOURCES RELEASE DATE

db: BID // id: 22428 // date: 2007-02-06T00:00:00
db: BID // id: 23020 // date: 2007-03-19T00:00:00
db: JVNDB // id: JVNDB-2007-000221 // date: 2007-04-26T00:00:00
db: PACKETSTORM // id: 55049 // date: 2007-03-14T00:54:51
db: PACKETSTORM // id: 54183 // date: 2007-02-06T04:21:11
db: PACKETSTORM // id: 54252 // date: 2007-02-08T04:48:24
db: PACKETSTORM // id: 58491 // date: 2007-08-14T00:24:12
db: CNNVD // id: CNNVD-200701-477 // date: 2006-06-01T00:00:00
db: NVD // id: CVE-2007-0537 // date: 2007-01-29T16:28:00