Description of problem: An URI that appears in the address bar is scrolled to the right, and thus a long URI padded with whitespace can be used to trick user. Version-Release number of selected component (if applicable): CVE-2007-3820 Probably Affects: RHEL2.1 CVE-2007-3820 Probably Affects: RHEL3 CVE-2007-3820 Affects: RHEL4 CVE-2007-3820 Affects: RHEL5 CVE-2007-3820 Affects: FC6 CVE-2007-3820 Affects: FC7 Steps to Reproduce: 1. Visit http://alt.swiecki.net/oper1.html tp://alt.swiecki.net/oper1.html with konqueror Actual results: http://alt.swiecki.net/konq.png Additional info: An data: URI (with inline HTML) can contain real spaces, not just %20.
Created attachment 159428 [details] Upstream patch for CVE-2007-3820 Konqueror URI spoofing
Upstream patch in #c1 creates new problem, which got CVE name CVE-2007-4225.
KDE security advisory targeting CVE-2007-3820, CVE-2007-4224 and CVE-2007-4225 with references to official upstream patches: http://www.kde.org/info/security/advisory-20070816-1.txt
it's only affected in RHEL-4/RHEL5, but not in RHEL-2.1 and RHEL-3
this is a low severity flaw which does not trigger the need for a security update to kde. We will fix this issue when other issues of higher severity trigger a kde security update.