KDE HTML parser incorrectly handled content, forming the HTML page <head> element. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or, potentially, execute arbitrary code, with the privileges of the user running "konqueror" web browser, if the victim was tricked to open a specially-crafted HTML page. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690 http://support.apple.com/kb/HT3613 http://secunia.com/advisories/35379/ Upstream patch: http://trac.webkit.org/changeset/42532 Upstream PoC: http://trac.webkit.org/browser/trunk/LayoutTests/fast/parser/head-content-after-head-removal.html?format=txt
Upstream KDE 4.2 patch: http://websvn.kde.org/?view=rev&revision=983316
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2009:1127 https://rhn.redhat.com/errata/RHSA-2009-1127.html
This also affects kdelibs 4.2.4 and kdelibs3 3.5.10 in Fedora.
For QtWebKit, this is fixed in Qt 4.5.2 which got pushed to Fedora updates recently. I didn't check earlier versions.
This one is fixed in Rawhide's kdelibs 4.2.98.
kdelibs-4.2.4-6.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/kdelibs-4.2.4-6.fc11
kdelibs-4.2.4-6.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/kdelibs-4.2.4-6.fc10
kdelibs3-3.5.10-13.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/kdelibs3-3.5.10-13.fc11
kdelibs3-3.5.10-13.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/kdelibs3-3.5.10-13.fc10
kdelibs-4.2.4-6.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
kdelibs-4.2.4-6.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
kdelibs3-3.5.10-13.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
kdelibs3-3.5.10-13.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.