Showing 1 - 1 of 1

CVE-2017-6410

Status Candidate

Overview

kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file.

Related Files

Ubuntu Security Notice USN-3223-1: Posted Mar 9, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3223-1 - Itzik Kotler, Yonatan Fridburg, and Amit Klein discovered that KDE-Libs incorrectly handled certain PAC files. A remote attacker could possibly use this issue to obtain sensitive information.; tags | advisory, remote; systems | linux, ubuntu; advisories | CVE-2017-6410; SHA-256 | d4e196e5024d06854c8a489e80f6c017a074a14e60920fd3db55aeee7fdd95b0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 55 files
LiquidWorm 20 files
Debian 18 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2017-6410

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems