Security Bug in Konqueror, Updates for Seamonkey & Co
Following Firefox and Thunderbird, a known URL security bug was closed in the Seamonkey browser suite in August. A similar bug has now been found in Konqueror.
The current security bug in Konqueror could let attackers display an arbitrary website while the URL bar continues to show a trusted website status. The bug in the "setInterval()" function, which was discovered by Robert Swiecki, affects Konqueror version 3.5.7-01 in Fedora Core 6e according to security investigators Secunia. Other versions included with other distributions might also be affected. A patch is not currently available for the bug, which was classified as non-critical. Users with an affected version should avoid untrusted websites until a patch becomes available.
Three security holes have been closed in Mozilla Seamonkey; two of them also affected the Firefox browser and the Thunderbird email client. One of these bugs, which only affects Windows systems with Internet Explorer, gave attackers the ability to launch arbitrary executables in all three products by means of a specially crafted URL. Other applications are also said to be affected by the bug.
The two other bugs affect Linux systems and are disclosed in bug reports on mozilla.org. One bug occurred with add-ons that open an "about:blank" page. The second gave attackers the ability to execute malicious code by means of a specially crafted URL. Updated versions of all three Mozilla products are available from mozilla.org.
Issue 161/2014
Buy this issue as a PDF
Digital Issue: Price $9.99
(incl. VAT)
Tag Cloud
News
-
Munich Adopts Kolab
The Bavarian capital shuns Microsoft, Google, and other alternatives to implement an open-source groupware solution.
-
Canonical Announces Ubuntu Smartphones
Phone vendor partnerships bring Mark Shuttleworth's dream of Ubuntu on a phone a step closer to reality.
-
Piviti Seeks Funding
Donors will get to vote on new features for the free video editor.
-
Debian Tech Committee Votes for systemd
Debian project puts init out to pasture and says no to Ubuntu's Upstart.
-
The Mask: Scary New Face of Internet Intrusion
Ultra-sophisticated attack tool might have originated from a state-sponsored intelligence service.
-
Epoch 1.0 Released
New alternative for init comes with a small footprint and minimal configuration.
-
Wayland 1.4 Challenges X11
X marks the target for the next-generation windowing system.
-
Red Hat Adopts CentOS
Super-clone CentOS Linux gets beamed up to the mother ship.
-
W3C Promotes Media Source Extensions
HTML technology will enable new video editing and playback options.
-
Valve Announces SteamOS Beta
New Linux distro is optimzed for gaming.