Bug 243617 (CVE-2007-2022)

Summary: CVE-2007-2022 kdebase3 flash-player interaction problem
Product: [Other] Security Response Reporter: Mark J. Cox <mjc>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: kseifried, than
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-09-28 15:20:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 243618, 243620, 243622    
Bug Blocks:    
Attachments:
Description Flags
proposed patch none

Description Mark J. Cox 2007-06-10 20:37:38 UTC 
According to
        http://www.novell.com/linux/security/advisories/2007_12_sr.html

A problem with the interaction between the Flash Player and the Konqueror web
browser was fixed. The problem could lead to key presses leaking to the applet
instead of the browser. (CVE-2007-2022)

Patch from Dirk Mueller.
Comment 1 Mark J. Cox 2007-06-10 20:37:38 UTC 
Created attachment 156673 [details]
proposed patch
Comment 2 Mark J. Cox 2007-06-11 08:57:03 UTC 
See also 
        http://www.adobe.com/support/security/advisories/apsa07-03.html

Setting impact=important
Comment 3 Than Ngo 2007-06-11 20:25:05 UTC 
it's fixed in
Comment 6 Kurt Seifried 2011-09-28 15:20:35 UTC 
This issue has been addressed in following products:

  Red Hat Linux Enterprise 3
  Red Hat Linux Enterprise 4
  Red Hat Linux Enterprise 4.5.z
  Red Hat Linux Enterprise 5

Via RHSA-2007:0494, https://rhn.redhat.com/errata/RHSA-2007-0494.html