Security Bug in Konqueror, Updates for Seamonkey & Co
Following Firefox and Thunderbird, a known URL security bug was closed in the Seamonkey browser suite in August. A similar bug has now been found in Konqueror.
The current security bug in Konqueror could let attackers display an arbitrary website while the URL bar continues to show a trusted website status. The bug in the "setInterval()" function, which was discovered by Robert Swiecki, affects Konqueror version 3.5.7-01 in Fedora Core 6e according to security investigators Secunia. Other versions included with other distributions might also be affected. A patch is not currently available for the bug, which was classified as non-critical. Users with an affected version should avoid untrusted websites until a patch becomes available.
Three security holes have been closed in Mozilla Seamonkey; two of them also affected the Firefox browser and the Thunderbird email client. One of these bugs, which only affects Windows systems with Internet Explorer, gave attackers the ability to launch arbitrary executables in all three products by means of a specially crafted URL. Other applications are also said to be affected by the bug.
The two other bugs affect Linux systems and are disclosed in bug reports on mozilla.org. One bug occurred with add-ons that open an "about:blank" page. The second gave attackers the ability to execute malicious code by means of a specially crafted URL. Updated versions of all three Mozilla products are available from mozilla.org.
Issue 171/2015
Buy this issue as a PDF
News
-
Intel Unveils Compute Stick
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
-
Obama Proposes Personal Data Notification Law
New statute would require companies to report break-ins to consumers.
-
TGXf Project Warns of File Transfer through Screen Pixels
Weird data transfer technique avoids all standard security measures.
-
Industry Giants Announce a Fix for the Password Mess
FIDO alliance declares the beginning of the end for old-style login authentication.
-
Poll: Vote for the Best Open Source Software for Photographers
The Linux New Media Awards have honored the most significant products, projects, people, and organizations for open source/Linux every year since 2000.
-
Debian Gets Forked
Legendary Uber-distro splits over the systemd controversy.
-
Linux Mint Project Releases Mint 17.1
New LTS version offers many refinements for the Cinnamon and Mate desktops and significant improvement under the hood.
-
CeBIT Open Source Forum Call for Papers
One of CeBIT’s most successful forums returns in 2015.
-
TOR Network Isn’t So Anonymous
A new study says it is possible to unmask 81% of TOR users.
-
.NET Goes Open Source
Redmond joins the revolution by turning the .NET Core Runtime into a GitHub project.