Bug 142393
| Summary: | CAN-2004-1158 Frame injection vulnerability. | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 3 | Reporter: | Josh Bressers <bressers> |
| Component: | kdebase | Assignee: | Than Ngo <than> |
| Status: | CLOSED ERRATA | QA Contact: | Ben Levenson <benl> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 3.0 | CC: | than |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | impact=important,public=20041208 | ||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2005-02-10 16:43:12 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Josh Bressers
2004-12-09 15:01:35 UTC
The secunia demo no longer works. I've created a demo located here http://people.redhat.com/bressers/spoof_test/ This demo only partially work for konqueror on RHEL2.1. The "Test with popup blocking enabled" link works as expected. The other link does not. somwhow the konqueror on RHEL2.1 does not work with our testcase. secunia has already created a working testcase today. please use the testcase from secunia The test for this issue can be found here: http://secunia.com/multiple_browsers_window_injection_vulnerability_test/ An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-009.html |