security: Insufficient Input Validation By IO Slaves and Webkit Part
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kde-runtime (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
Undecided
|
Unassigned | ||
Trusty |
Fix Released
|
Undecided
|
Unassigned | ||
Utopic |
Fix Released
|
Undecided
|
Unassigned | ||
Vivid |
Fix Released
|
Undecided
|
Unassigned | ||
kio-extras (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Invalid
|
Undecided
|
Unassigned | ||
Trusty |
Invalid
|
Undecided
|
Unassigned | ||
Utopic |
Invalid
|
Undecided
|
Unassigned | ||
Vivid |
Fix Released
|
Undecided
|
Unassigned | ||
webkitkde (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
Undecided
|
Unassigned | ||
Trusty |
Fix Released
|
Undecided
|
Unassigned | ||
Utopic |
Fix Released
|
Undecided
|
Unassigned | ||
Vivid |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
https:/
verview
========
kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly allowing to
some javascript being executed on the context of the referenced hostname. For example going to
bookmarks:
in Konqueror makes a Javascript alert popup.
Impact
======
Whilst in most cases, the JavaScript will be executed in an untrusted context, with the bookmarks IO slave,
it will be executed in the context of the referenced hostname. In the example above, this is hhdhdhhdhdhdh.
It should however be noted that KDE mitigates this risk by attempting to ensure that such URLs cannot be embedded directly
into Internet hosted content.
Related branches
CVE References
information type: | Public → Public Security |
Changed in kio-extras (Ubuntu Precise): | |
status: | New → Invalid |
Changed in kio-extras (Ubuntu Trusty): | |
status: | New → Invalid |
Changed in kio-extras (Ubuntu Utopic): | |
status: | New → Invalid |
This bug was fixed in the package webkitkde - 1.3.4-1ubuntu1
---------------
webkitkde (1.3.4-1ubuntu1) vivid; urgency=medium
* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and cve-2014- 8600.diff to escape protocol twice: once /www.kde. org/info/ security/ advisory- 20141113- 1.txt
Webkit Part
- Add upstream_
for i18n, and once for HTML
- https:/
- CVE-2014-8600
- LP: #1393479
-- Jonathan Riddell <email address hidden> Mon, 17 Nov 2014 17:44:29 +0100