rPSA-2007-0052-1 kdelibs
rPath Update Announcements
announce-noreply at rpath.com
Wed Mar 7 18:01:34 EST 2007
rPath Security Advisory: 2007-0052-1
Published: 2007-03-07
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
Indirect Deterministic Weakness
Updated Versions:
kdelibs=/conary.rpath.com at rpl:devel//1/3.4.2-5.13-1
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0537
https://issues.rpath.com/browse/RPL-1117
Description:
Previous versions of the kdelibs package enable a cross-site
scripting (XSS) attack against the konquerer web browser by embedding
certain HTML tags within a comment in a title tag.
More information about the update-announce
mailing list