Visual Truncation Vulnerability in KDE Konqueror by KDE
CVE-2007-4225

Currently unrated

Key Information:

Vendor: Kde
Status: Konqueror
Vendor: CVE Published:; 8 August 2007

What is CVE-2007-4225?

The vulnerability identified in KDE Konqueror 3.5.7 arises from an issue in the handling of URLs, where an attacker can exploit the application by placing excessive whitespace in the user/password section of an HTTP URI. This design flaw enables remote attackers to manipulate the appearance of the URL address bar, potentially leading users to believe they are accessing a valid site when they are not. Such spoofing can undermine user trust and lead to phishing attempts, making it critical for users to remain vigilant when interacting with web resources using this browser version.

References

http://securityreason.com/securityalert/2982

third-party-advisoryx_refsource_SREASON

https://www.redhat.com/archives/fedora-package-announce/2...

vendor-advisoryx_refsource_FEDORA

https://www.redhat.com/archives/fedora-package-announce/2...

vendor-advisoryx_refsource_FEDORA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 8, 2007
Vulnerability Reserved
Aug 8, 2007

CVE-2007-4225 Data

JSON

Kde

What is CVE-2007-4225?

References

Timeline