Address Bar Spoofing in Konqueror by KDE
CVE-2007-3820

Currently unrated

Key Information:

Vendor: Kde
Status: Konqueror
Vendor: CVE Published:; 17 July 2007

What is CVE-2007-3820?

A vulnerability exists in Konqueror 3.5.7 that allows remote attackers to spoof the data: URI scheme displayed in the browser's address bar. By constructing a specially crafted long URI that ends with trailing whitespace, the attacker can obscure the actual starting point of the URI, leading users to believe they are visiting a legitimate site while they may actually be under their control. This vulnerability underscores the importance of caution when clicking on links and the need for robust security measures.

References

http://alt.swiecki.net/oper1.html

x_refsource_MISC

http://www.redhat.com/support/errata/RHSA-2007-0909.html

vendor-advisoryx_refsource_REDHAT

https://www.redhat.com/archives/fedora-package-announce/2...

vendor-advisoryx_refsource_FEDORA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2007
Vulnerability Reserved
Jul 16, 2007

CVE-2007-3820 Data

JSON

Kde

What is CVE-2007-3820?

References

Timeline