New Search

The KDE HTML library (kdelibs) as used by Konqueror 3.5.5 does not properly parse HTML comments which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag a related issue to CVE-2007-0478.

oval:org.mitre.oval:def:10244

The KDE HTML library (kdelibs) as used by Konqueror 3.5.5 does not properly parse HTML comments which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag a related issue to CVE-2007-0478.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 4
  • CentOS Linux 5
  • Red Hat Enterprise Linux 4
  • CentOS Linux 4
  • Red Hat Enterprise Linux 5
  • Oracle Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-0537
Product(s):