CVE-2011-1168

Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
kdekde_sc
4.4.0
kdekde_sc
4.4.0:beta1
kdekde_sc
4.4.0:beta2
kdekde_sc
4.4.0:rc1
kdekde_sc
4.4.0:rc2
kdekde_sc
4.4.0:rc3
kdekde_sc
4.4.1
kdekde_sc
4.4.2
kdekde_sc
4.4.3
kdekde_sc
4.4.4
kdekde_sc
4.4.5
kdekde_sc
4.5.0
kdekde_sc
4.5.1
kdekde_sc
4.5.2
kdekde_sc
4.5.3
kdekde_sc
4.5.4
kdekde_sc
4.5.5
kdekde_sc
4.6:beta1
kdekde_sc
4.6:beta2
kdekde_sc
4.6:rc1
kdekde_sc
4.6:rc2
kdekde_sc
4.6.0
kdekde_sc
4.6.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
kde4libs
maverick
Fixed 4:4.5.1-0ubuntu8.1
released
lucid
Fixed 4:4.4.5-0ubuntu1.1
released
karmic
Fixed 4:4.3.2-0ubuntu7.3
released
hardy
ignored
dapper
dne
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
http://secunia.com/advisories/44065
http://secunia.com/advisories/44108
http://securityreason.com/securityalert/8208
http://securitytracker.com/id?1025322
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.329727
http://www.kde.org/info/security/advisory-20110411-1.txt
http://www.mandriva.com/security/advisories?name=MDVSA-2011:075
http://www.nth-dimension.org.uk/pub/NDSA20110321.txt.asc
http://www.securityfocus.com/archive/1/517432/100/0/threaded
http://www.securityfocus.com/archive/1/517433/100/0/threaded
http://www.securityfocus.com/bid/47304
http://www.ubuntu.com/usn/USN-1110-1
http://www.vupen.com/english/advisories/2011/0927
http://www.vupen.com/english/advisories/2011/0928
http://www.vupen.com/english/advisories/2011/0990
https://bugzilla.redhat.com/show_bug.cgi?id=695398
https://exchange.xforce.ibmcloud.com/vulnerabilities/66697
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
http://secunia.com/advisories/44065
http://secunia.com/advisories/44108
http://securityreason.com/securityalert/8208
http://securitytracker.com/id?1025322
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.329727
http://www.kde.org/info/security/advisory-20110411-1.txt
http://www.mandriva.com/security/advisories?name=MDVSA-2011:075
http://www.nth-dimension.org.uk/pub/NDSA20110321.txt.asc
http://www.securityfocus.com/archive/1/517432/100/0/threaded
http://www.securityfocus.com/archive/1/517433/100/0/threaded
http://www.securityfocus.com/bid/47304
http://www.ubuntu.com/usn/USN-1110-1
http://www.vupen.com/english/advisories/2011/0927
http://www.vupen.com/english/advisories/2011/0928
http://www.vupen.com/english/advisories/2011/0990
https://bugzilla.redhat.com/show_bug.cgi?id=695398
https://exchange.xforce.ibmcloud.com/vulnerabilities/66697