Apple Safari / Konqueror SCRIPT tag filtering bypass - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Apple Safari / Konqueror SCRIPT tag filtering bypass
Published: 24.01.2007
Source: BUGTRAQ
SecurityVulns ID: 7091
Type: client
Level: 3/10
Description: Brower follows <script> tags within HTML comment. It violates HTML standard.

Affected: KDE : KDE 3.5
APPLE : MacOS X 10.4
KDE : Konqueror 3.5
CVE: CVE-2007-0537 (The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478.)
CVE-2007-0478 (Apple Safari does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment.)

Original document Jose Avila III, Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability (24.01.2007)

Discuss: Read or add your comments to this news (0 comments)