Bug 56627 (CVE-2004-0527)

Summary: VUL-0: CVE-2004-0527: konqueror: URL spoofing via image map
Product: [Novell Products] SUSE Security Incidents Reporter: Thomas Biege <thomas>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: CVE-2004-0527: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Thomas Biege 2004-06-04 18:08:12 UTC 
Hi, 
a url spoofing attack was discovered. 
 
---------- Forwarded message ---------- 
Date: Thu, 3 Jun 2004 18:38:14 -0400 (EDT) 
From: Steven M. Christey <coley@mitre.org> 
To: mjc@redhat.com, mdz@debian.org, nectar@celabo.org 
Cc: coley@mitre.org 
Subject: CAN-2004-0527 = KDE Konqueror "DEEP SEA PHISHING" issue 
 
 
SecurityFocus reported that KDE Konqueror is vulnerable to the "URL 
spoofing via image map" problem that was originally reported for 
Internet Explorer here: 
 
 BUGTRAQ:20040510 DEEP SEA PHISHING: Internet Explorer / Outlook Express 
 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=108422905510713&w=2 
 BUGTRAQ:20040517 Microsoft Internet Explorer ImageMap URL Spoof Vulnerability 
 URL:http://archives.neohapsis.com/archives/bugtraq/2004-05/0161.html 
 
I've assigned CAN-2004-0527 to the issue. 
 
Hopefully this doesn't turn into a major "slippery slope" problem with 
who-knows-how-many variants to be discovered. 
 
- Steve 
 
 
====================================================== 
Candidate: CAN-2004-0527 
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0527 
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20040603 
Category: SF 
Reference: BID:10383 
Reference: URL:http://www.securityfocus.com/bid/10383 
 
KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a 
legitimate URL in the status bar via A HREF tags with modified "alt" 
values that point to the legitimate site, combined with an image map 
whose href points to the malicious site, which facilitates a 
"phishing" attack. 
----------------------------------------------------------------
Comment 1 Thomas Biege 2004-06-04 18:08:12 UTC 
<!-- SBZ_reproduce  -->
-
Comment 2 Thomas Biege 2004-06-21 17:12:17 UTC 
Hello kde-maintainers, 
we *need* an update.
Comment 3 Adrian Schröter 2004-06-21 17:21:40 UTC 
you should not report it to 9.2-pre than ..
Comment 4 Adrian Schröter 2004-06-21 21:23:49 UTC 
Thomas, are you sure we need updates for former distributions ? 
 
KDE considers this as not important enough to make an anouncement. 
 
A fixed package has been submitted to 9.1/SLES9 anyway.
Comment 5 Adrian Schröter 2004-06-21 21:35:03 UTC 
One sees the wrong url with mouse over the link, but the right one after 
clicking. So it is NOT the usual security case, where a user enters private 
data on page he tought he can trust.
Comment 6 Thomas Biege 2004-06-22 14:57:53 UTC 
we shouldn't be "päpstlicher als der Papst" in this case. ;)
Comment 7 Thomas Biege 2009-10-13 20:24:36 UTC 
CVE-2004-0527: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)