Bug#561753: kde4libs: remote info disclosure via css

To: submit@bugs.debian.org
Subject: Bug#561753: kde4libs: remote info disclosure via css
From: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Sat, 19 Dec 2009 23:05:34 -0500
Message-id: <[🔎] 20091219230534.74948ec2.michael.s.gilbert@gmail.com>
Reply-to: Michael Gilbert <michael.s.gilbert@gmail.com>, 561753@bugs.debian.org

package: kde4libs
version: 4:4.3.4-1
severity: important
tags: security

hi,

it has been disclosed that it is possible for any website to query the
user's site viewing history via css.  please see [0].  i have not
personally checked whether this package is vulnerable, but it seems to
be a general css design issue, so all css-supporting browsers are
likely affected. please check, and feel free to close the bug if the
package is not affected.   thanks.

mike

Reply to:

Prev by Date: Bug#561754: qt4-x11: remote info disclosure via css
Next by Date: Bug#561759: qt4-x11: predictable random number generator used
Previous by thread: Bug#561754: qt4-x11: remote info disclosure via css
Next by thread: Bug#561759: qt4-x11: predictable random number generator used
Index(es):
- Date
- Thread