Description of problem:
An URI that appears in the address bar is scrolled to the right,
and thus a long URI padded with whitespace can be used to trick
Version-Release number of selected component (if applicable):
CVE-2007-3820 Probably Affects: RHEL2.1
CVE-2007-3820 Probably Affects: RHEL3
CVE-2007-3820 Affects: RHEL4
CVE-2007-3820 Affects: RHEL5
CVE-2007-3820 Affects: FC6
CVE-2007-3820 Affects: FC7
Steps to Reproduce:
1. Visit http://alt.swiecki.net/oper1.html
tp://alt.swiecki.net/oper1.html with konqueror
An data: URI (with inline HTML) can contain real spaces, not just %20.
Created attachment 159428 [details]
Upstream patch for CVE-2007-3820 Konqueror URI spoofing
Upstream patch in #c1 creates new problem, which got CVE name CVE-2007-4225.
KDE security advisory targeting CVE-2007-3820, CVE-2007-4224 and CVE-2007-4225
with references to official upstream patches:
it's only affected in RHEL-4/RHEL5, but not in RHEL-2.1 and RHEL-3
this is a low severity flaw which does not trigger the need for a security
update to kde. We will fix this issue when other issues of higher severity
trigger a kde security update.