[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <201104120920.39164.timb@nth-dimension.org.uk>
Date: Tue, 12 Apr 2011 09:20:26 +0100
From: Tim Brown <timb@...-dimension.org.uk>
To: full-disclosure@...ts.grok.org.uk
Cc: bugtraq@...urityfocus.com
Subject: Re: Medium severity flaw in Konqueror
On Tuesday 12 April 2011 03:36:24 Vincent Danen wrote:
> * [2011-04-11 22:07:24 +0100] Tim Brown wrote:
> >I was recently taking a look at Konquerer and spotted an example of
> >universal XSS. Essentially, the error page displayed when a requested
> >URL is not available includes said URL. If said URL includes HTML
> >fragments these will be rendered. CVE-2010-2952 has been assigned to
> >this issue.
>
> Actually, CVE-2011-1168 was assigned to this issue as noted in the
> upstream advisory:
>
> http://www.kde.org/info/security/advisory-20110411-1.txt
Hi Vincent,
You're quite right, not sure how the wrong CVE ended up in the email. That's
a different CVE for another of my advisories :/.
Tim
--
Tim Brown
<mailto:timb@...-dimension.org.uk>
<http://www.nth-dimension.org.uk/>
Download attachment "signature.asc " of type "application/pgp-signature" (837 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists