CVE-2004-1158

Common Vulnerabilities and Exposures

Upstream information

CVE-2004-1158 at MITRE

Description

Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 64194

SUSE Security Advisories:

SUSE-SR:2004:004, published Thursday, Dec 16th 2004 12:00 MEST
SUSE-SR:2004:005, published Tuesday, Dec 21th 2004 15:00 MEST
SUSE-SR:2005:001, published Wednesday, Jan 12th 2004 18:00 MEST
SUSE-SR:2005:003, published Wednesday, Feb 4th 2005 15:00 MEST

List of released packages

Product(s)	Fixed package version(s)	References
SuSE Linux Desktop 1.0	`kdelibs3 >= 3.1.1-153`	ul1.s390 ul1.s390x suse91.ppc ul1.x86-64 ul1.ppc ul1.ia64 suse91.x86-64 suse91.s390x suse91.x86 slox4,2.x86 suse91.ia64 suse91.s390 YOU Patch Nr: 9804
SuSE Linux Enterprise Server 8 for AMD64 SuSE Linux Enterprise Server 8 for IBM zSeries UnitedLinux 1.0	`kdelibs3 >= 3.0.3-212` `kdelibs3-32bit >= 8.1-72`	ul1.s390 ul1.s390x suse91.ppc ul1.x86-64 ul1.ppc ul1.ia64 suse91.x86-64 suse91.s390x suse91.x86 slox4,2.x86 suse91.ia64 suse91.s390 YOU Patch Nr: 9804
Novell Linux Desktop 9 for x86	`kdelibs3 >= 3.2.1-44.39`	ul1.s390 ul1.s390x suse91.ppc ul1.x86-64 ul1.ppc ul1.ia64 suse91.x86-64 suse91.s390x suse91.x86 slox4,2.x86 suse91.ia64 suse91.s390 YOU Patch Nr: 9804
SUSE LINUX Retail Solution 8 SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries SuSE Linux Enterprise Server 8 for IPF SuSE Linux Openexchange Server 4 SuSE Linux School Server for i386 SuSE Linux Standard Server 8 UnitedLinux 1.0	`kdelibs3 >= 3.0.3-212`	ul1.s390 ul1.s390x suse91.ppc ul1.x86-64 ul1.ppc ul1.ia64 suse91.x86-64 suse91.s390x suse91.x86 slox4,2.x86 suse91.ia64 suse91.s390 YOU Patch Nr: 9804
SuSE Linux Desktop 1.0	`kdebase3 >= 3.1.1-167`	ul1.s390 suse91.s390 suse91.ia64 suse91.s390x suse91.x86-64 suse91.x86 ul1.s390x suse91.ppc ul1.ia64 slox4,2.x86 ul1.x86-64 ul1.ppc YOU Patch Nr: 9803
Novell Linux Desktop 9 for x86	`kdebase3 >= 3.2.1-68.36`	ul1.s390 suse91.s390 suse91.ia64 suse91.s390x suse91.x86-64 suse91.x86 ul1.s390x suse91.ppc ul1.ia64 slox4,2.x86 ul1.x86-64 ul1.ppc YOU Patch Nr: 9803
SUSE LINUX Retail Solution 8 SuSE Linux Enterprise Server 8 for AMD64 SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries SuSE Linux Enterprise Server 8 for IBM zSeries SuSE Linux Enterprise Server 8 for IPF SuSE Linux Openexchange Server 4 SuSE Linux School Server for i386 SuSE Linux Standard Server 8 UnitedLinux 1.0	`kdebase3 >= 3.0.3-270`	ul1.s390 suse91.s390 suse91.ia64 suse91.s390x suse91.x86-64 suse91.x86 ul1.s390x suse91.ppc ul1.ia64 slox4,2.x86 ul1.x86-64 ul1.ppc YOU Patch Nr: 9803

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy