French Security Incident Response Team

FrSIRT   

      

   français French  anglais English

 
Vulnerability Notification Service
 FrSIRT Partner Program
 14-Day Free Trial
Contact FrSIRT Sales Dept.
 

Security Advisories
Linux Security Advisories
Virus and Threats Advisories
Latest Security News
Latest Zero Day Threats
Advisories and vulnerabilities by Vendor
Advisories and vulnerabilities by Keyword
 

Report a security incident
Report a new vulnerability
Security Mailinglist
 

Our Company
FrSIRT in the News
Advertise on FrSIRT.COM
Security Researchers and Exploit Writers Jobs
Contact Us

Fedora Security Update Fixes kdebase and kdelibs Address Bar Spoofing

Title : Fedora Security Update Fixes kdebase and kdelibs Address Bar Spoofing
Advisory ID : FrSIRT/ADV-2007-2922
CVE ID : CVE-2007-3820 - CVE-2007-4224 - CVE-2007-4225
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-08-21

Advisory Details
 
  Description
  Affected Products
  Solution
  References
Technical Description    Receive FrSIRT alerts in a Text format  Receive FrSIRT alerts in a PDF format  Receive FrSIRT alerts in an XML format  Receive FrSIRT notifications by SMS 

Multiple vulnerabilities have been identified in Fedora, which could be exploited by malicious websites to conduct spoofing or phishing attacks [...]

Solution

Upgrade the affected packages :

e4bd55857163dd2c6da5ddd09a9e3b1a49488591 kdebase-devel-3.5.7-13.fc7.ppc64.rpm
19bcc8edb674fe9dea062eae5e94b0d4fc6e323e kdebase-debuginfo-3.5.7-13.fc7.ppc64.rpm
2c609ff611f3d9700b5459adcda9d44c390a7998 kdebase-3.5.7-13.fc7.ppc64.rpm
5f2b7a612c7db6c3d0787997b8ce4fc8791f06f0 kdebase-extras-3.5.7-13.fc7.ppc64.rpm
877e9f1e8d31f3f0634105958fe33aa94436db7f kdebase-3.5.7-13.fc7.i386.rpm
773cc39dd34f0ce208dbf3493563b69bf0f403de kdebase-debuginfo-3.5.7-13.fc7.i386.rpm
5935a1a1e6ae7865ba2c03c05e31a7e7172266a8 kdebase-extras-3.5.7-13.fc7.i386.rpm
e1848bcfec04c9238c1ef41116f85ad28160d3d3 kdebase-devel-3.5.7-13.fc7.i386.rpm
56f0e6bf6b5a26c00617db465ac7113c2cbbb574 kdebase-debuginfo-3.5.7-13.fc7.x86_64.rpm
afa554ac4d7aea98eff69c97fa4990d344dcbdca kdebase-3.5.7-13.fc7.x86_64.rpm
60cde6a1ce8905309568b506774ede609482f045 kdebase-extras-3.5.7-13.fc7.x86_64.rpm
25f5dafa61aa689e215b2d25cd6ed782d6b89030 kdebase-devel-3.5.7-13.fc7.x86_64.rpm
0cbde41479c3d1aaa247bd616b59efed3b6906aa kdebase-3.5.7-13.fc7.ppc.rpm
5994edd2fe49f7fa9e89e5bf5f3edff82e4d6490 kdebase-extras-3.5.7-13.fc7.ppc.rpm
2eb488eb1bb0c041d614a8c365a4a29eaeca0cfc kdebase-debuginfo-3.5.7-13.fc7.ppc.rpm
4113f1ef4056f66aba4781cd289bafda4165030b kdebase-devel-3.5.7-13.fc7.ppc.rpm
26f1d049c88e196c256f9edc6089b1660fb717d7 kdebase-3.5.7-13.fc7.src.rpm
da99b0c84992e7ddba7402d0b664b86644fc740f kdelibs-3.5.7-20.fc7.ppc64.rpm
2bbe1e5a48f17b17042e4a005df186d0c5200fb9 kdelibs-devel-3.5.7-20.fc7.ppc64.rpm
60145619267321a5b5a07a0ca75fc218712682af kdelibs-debuginfo-3.5.7-20.fc7.ppc64.rpm
fea397416fcddf526b3f298ba80e617c45e4c910 kdelibs-apidocs-3.5.7-20.fc7.ppc64.rpm
53578888d43d22a5fd07eff396fed9a3b09c22d8 kdelibs-apidocs-3.5.7-20.fc7.i386.rpm
459ef9591b3db30e753de1ac80e4770624ec11f3 kdelibs-devel-3.5.7-20.fc7.i386.rpm
89476ee168de0f491a26315d4ccec61d5735db95 kdelibs-debuginfo-3.5.7-20.fc7.i386.rpm
cedf5461e69ed9351754470b40db02cedea9808e kdelibs-3.5.7-20.fc7.i386.rpm
87db2cae70d5f174b94ccaefd4cb1063f30955c7 kdelibs-3.5.7-20.fc7.x86_64.rpm
f6dcc07324d042b4da805ccd4fe9f5e8f84019bf kdelibs-debuginfo-3.5.7-20.fc7.x86_64.rpm
69d46644da6f6095d780aa4b8d26844b4d26a387 kdelibs-apidocs-3.5.7-20.fc7.x86_64.rpm
4a3e81fa59e126243e5534bdd4165dc3fd8c6a3f kdelibs-devel-3.5.7-20.fc7.x86_64.rpm
d86e0364ccdcbf81665fb7eca25fe25e6f0940fc kdelibs-3.5.7-20.fc7.ppc.rpm
a9d5456dd26c8189bdd495213520e155f2c5cc9b kdelibs-apidocs-3.5.7-20.fc7.ppc.rpm
9bf77515e5a19079a9ba486468f8e00967ef2de8 kdelibs-devel-3.5.7-20.fc7.ppc.rpm
87bfc77c4ba5c39e012478ff70eaf03790d58abb kdelibs-debuginfo-3.5.7-20.fc7.ppc.rpm
b5d7faa3f87ad00efa2dc6fccfb29d99e5dc14da kdelibs-3.5.7-20.fc7.src.rpm

ChangeLog

2007-08-21 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
 
 

Search
      

Mailinglist
    
 

Microsoft Windows Kernel Local Integer Overflow Vulnerability

Microsoft Windows Vista "WRITE_ANDX" Denial of Service Vulnerability

Microsoft Office OneNote URL Code Execution (MS08-055)

Microsoft GDI+ Multiple Code Execution Vulnerabilities (MS08-052)

Microsoft Visual Studio "Msmask32" Code Execution Vulnerability

Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)

Microsoft Windows Messenger Data Disclosure (MS08-050)

Cisco Unity Security Bypass and Denial of Service

Cisco UCM SIP Remote Denial of Service

Cisco IOS Denial of Service and Security Bypass Vulnerabilities

Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities

Cisco Secure ACS EAP Remote Denial Of Service Vulnerability

Cisco Products Remote DNS Cache Poisoning Vulnerability

Cisco Wide Area Application Services CUPS Remote Vulnerability

IBM Lotus Quickr Denial of Service and Security Bypass Vulnerabilities

IBM Tivoli Netcool/Webtop Multiple Security Bypass Vulnerabilities

IBM WebSphere Application Server Security Exposure Vulnerabilities

IBM DB2 Universal Database Multiple Denial of Service

IBM AIX "swcons" Insecure Permission Privilege Escalation Vulnerability

IBM WebSphere Application Server Cross Site Scripting Vulnerability

IBM DB2 CLR Stored Procedures Unspecified Vulnerability

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy