CVE-2011-1168

Common Vulnerabilities and Exposures

Upstream information

CVE-2011-1168 at MITRE

Description

Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.

NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Novell/SUSE information

Novell Bugzilla entry: 686652, 686814

SUSE Security Advisories:

SUSE-SR:2011:009, published Tue, 17 May 2011 10:00:00 +0000
SUSE-SR:2011:010, published Tue, 31 May 2011 08:00:00 +0000
openSUSE-SU-2011:0480-1, published Thu, 12 May 2011 20:08:18 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE 11.2	`kdelibs4-core-debuginfo >= 4.3.5-0.5.1` `kdelibs4-debuginfo >= 4.3.5-0.5.1` `kdelibs4-debugsource >= 4.3.5-0.5.1` `kdelibs4-doc-debuginfo >= 4.3.5-0.5.1` `libkde4-debuginfo >= 4.3.5-0.5.1` `libkde4-debuginfo-32bit >= 4.3.5-0.5.1` `libkdecore4-debuginfo >= 4.3.5-0.5.1` `libkdecore4-debuginfo-32bit >= 4.3.5-0.5.1` `libkdecore4-devel-debuginfo >= 4.3.5-0.5.1`
openSUSE 11.2	`kdelibs4 >= 4.3.5-0.5.1` `kdelibs4-branding-upstream >= 4.3.5-0.5.1` `kdelibs4-core >= 4.3.5-0.5.1` `kdelibs4-doc >= 4.3.5-0.5.1` `libkde4 >= 4.3.5-0.5.1` `libkde4-32bit >= 4.3.5-0.5.1` `libkde4-devel >= 4.3.5-0.5.1` `libkdecore4 >= 4.3.5-0.5.1` `libkdecore4-32bit >= 4.3.5-0.5.1` `libkdecore4-devel >= 4.3.5-0.5.1`
openSUSE 11.3	`kdelibs4-core-debuginfo >= 4.4.4-3.6.1` `kdelibs4-debuginfo >= 4.4.4-3.6.1` `kdelibs4-debugsource >= 4.4.4-3.6.1` `kdelibs4-doc-debuginfo >= 4.4.4-3.6.1` `libkde4-debuginfo >= 4.4.4-3.6.1` `libkde4-debuginfo-32bit >= 4.4.4-3.6.1` `libkdecore4-debuginfo >= 4.4.4-3.6.1` `libkdecore4-debuginfo-32bit >= 4.4.4-3.6.1` `libkdecore4-devel-debuginfo >= 4.4.4-3.6.1` `libksuseinstall1-debuginfo >= 4.4.4-3.6.1` `libksuseinstall1-debuginfo-32bit >= 4.4.4-3.6.1`
openSUSE 11.3	`kdelibs4 >= 4.4.4-3.6.1` `kdelibs4-branding-upstream >= 4.4.4-3.6.1` `kdelibs4-core >= 4.4.4-3.6.1` `kdelibs4-doc >= 4.4.4-3.6.1` `libkde4 >= 4.4.4-3.6.1` `libkde4-32bit >= 4.4.4-3.6.1` `libkde4-devel >= 4.4.4-3.6.1` `libkdecore4 >= 4.4.4-3.6.1` `libkdecore4-32bit >= 4.4.4-3.6.1` `libkdecore4-devel >= 4.4.4-3.6.1` `libksuseinstall-devel >= 4.4.4-3.6.1` `libksuseinstall1 >= 4.4.4-3.6.1` `libksuseinstall1-32bit >= 4.4.4-3.6.1`
openSUSE 11.4 DEBUGINFO	`kdelibs4-core-debuginfo >= 4.6.0-6.15.1` `kdelibs4-debuginfo >= 4.6.0-6.15.1` `kdelibs4-debugsource >= 4.6.0-6.15.1` `kdelibs4-doc-debuginfo >= 4.6.0-6.15.1` `libkde4-debuginfo >= 4.6.0-6.15.1` `libkde4-debuginfo-32bit >= 4.6.0-6.15.1` `libkdecore4-debuginfo >= 4.6.0-6.15.1` `libkdecore4-debuginfo-32bit >= 4.6.0-6.15.1` `libkdecore4-devel-debuginfo >= 4.6.0-6.15.1` `libksuseinstall1-debuginfo >= 4.6.0-6.15.1` `libksuseinstall1-debuginfo-32bit >= 4.6.0-6.15.1`
openSUSE 11.4	`kdelibs4 >= 4.6.0-6.15.1` `kdelibs4-branding-upstream >= 4.6.0-6.15.1` `kdelibs4-core >= 4.6.0-6.15.1` `kdelibs4-doc >= 4.6.0-6.15.1` `libkde4 >= 4.6.0-6.15.1` `libkde4-32bit >= 4.6.0-6.15.1` `libkde4-devel >= 4.6.0-6.15.1` `libkdecore4 >= 4.6.0-6.15.1` `libkdecore4-32bit >= 4.6.0-6.15.1` `libkdecore4-devel >= 4.6.0-6.15.1` `libksuseinstall-devel >= 4.6.0-6.15.1` `libksuseinstall1 >= 4.6.0-6.15.1` `libksuseinstall1-32bit >= 4.6.0-6.15.1`
SLE 11 SP1 DEBUGINFO	`kdelibs4-debuginfo >= 4.3.5-0.6.1` `kdelibs4-debugsource >= 4.3.5-0.6.1`	sle11-sp1-sdk.s390x sle11-sp1-sdk.ppc sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.ia64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1.ppc sled11-sp1.x86 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1-vmware.x86-64 SAT Patch Nr: 4407
SUSE Linux Enterprise Software Development Kit 11 SP1	`kdelibs4-doc >= 4.3.5-0.6.1` `libkde4-devel >= 4.3.5-0.6.1` `libkdecore4-devel >= 4.3.5-0.6.1`	sle11-sp1-sdk.s390x sle11-sp1-sdk.ppc sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.ia64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1.ppc sled11-sp1.x86 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1-vmware.x86-64 SAT Patch Nr: 4407
SUSE Linux Enterprise Software Development Kit 11 SP1	`kdelibs4-doc >= 4.3.5-0.6.1` `libkde4-32bit >= 4.3.5-0.6.1` `libkde4-devel >= 4.3.5-0.6.1` `libkdecore4-32bit >= 4.3.5-0.6.1` `libkdecore4-devel >= 4.3.5-0.6.1`	sle11-sp1-sdk.s390x sle11-sp1-sdk.ppc sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.ia64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1.ppc sled11-sp1.x86 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1-vmware.x86-64 SAT Patch Nr: 4407
SUSE Linux Enterprise Desktop 11 SP1	`kdelibs4 >= 4.3.5-0.6.1` `kdelibs4-core >= 4.3.5-0.6.1` `libkde4 >= 4.3.5-0.6.1` `libkdecore4 >= 4.3.5-0.6.1`	sle11-sp1-sdk.s390x sle11-sp1-sdk.ppc sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.ia64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1.ppc sled11-sp1.x86 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1-vmware.x86-64 SAT Patch Nr: 4407
SUSE Linux Enterprise Desktop 11 SP1	`kdelibs4 >= 4.3.5-0.6.1` `kdelibs4-core >= 4.3.5-0.6.1` `libkde4 >= 4.3.5-0.6.1` `libkde4-32bit >= 4.3.5-0.6.1` `libkdecore4 >= 4.3.5-0.6.1` `libkdecore4-32bit >= 4.3.5-0.6.1`	sle11-sp1-sdk.s390x sle11-sp1-sdk.ppc sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.ia64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1.ppc sled11-sp1.x86 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1-vmware.x86-64 SAT Patch Nr: 4407
SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware	`kdelibs4 >= 4.3.5-0.6.1` `kdelibs4-core >= 4.3.5-0.6.1` `kdelibs4-doc >= 4.3.5-0.6.1` `libkde4 >= 4.3.5-0.6.1` `libkdecore4 >= 4.3.5-0.6.1`	sle11-sp1-sdk.s390x sle11-sp1-sdk.ppc sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.ia64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1.ppc sled11-sp1.x86 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1-vmware.x86-64 SAT Patch Nr: 4407
SUSE Linux Enterprise Server 11 SP1	`kdelibs4 >= 4.3.5-0.6.1` `kdelibs4-core >= 4.3.5-0.6.1` `kdelibs4-doc >= 4.3.5-0.6.1` `libkde4 >= 4.3.5-0.6.1` `libkde4-x86 >= 4.3.5-0.6.1` `libkdecore4 >= 4.3.5-0.6.1` `libkdecore4-x86 >= 4.3.5-0.6.1`	sle11-sp1-sdk.s390x sle11-sp1-sdk.ppc sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.ia64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1.ppc sled11-sp1.x86 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1-vmware.x86-64 SAT Patch Nr: 4407
SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware	`kdelibs4 >= 4.3.5-0.6.1` `kdelibs4-core >= 4.3.5-0.6.1` `kdelibs4-doc >= 4.3.5-0.6.1` `libkde4 >= 4.3.5-0.6.1` `libkde4-32bit >= 4.3.5-0.6.1` `libkdecore4 >= 4.3.5-0.6.1` `libkdecore4-32bit >= 4.3.5-0.6.1`	sle11-sp1-sdk.s390x sle11-sp1-sdk.ppc sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.ia64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1.ppc sled11-sp1.x86 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1-vmware.x86-64 SAT Patch Nr: 4407