FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

URI handler vulnerabilities in several browsers

Affected packages
linux-opera < 7.50
opera < 7.50
kdelibs < 3.2.2_3

Details

VuXML ID df333ede-a8ce-11d8-9c6d-0020ed76ef5a
Discovery 2004-05-12
Entry 2004-05-18

Karol Wiesek and Greg MacManus reported via iDEFENSE that the Opera web browser contains a flaw in the handling of certain URIs. When presented with these URIs, Opera would invoke external commands to process them after some validation. However, if the hostname component of a URI begins with a `-', it may be treated as an option by an external command. This could have undesirable side-effects, from denial-of-service to code execution. The impact is very dependent on local configuration.

After the iDEFENSE advisory was published, the KDE team discovered similar problems in KDE's URI handlers.
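The mitigation for this class of flaw, as an added example that is not taken from the advisory, Opera, or KDE: a URI handler validates the hostname and builds an argument vector in which the host can only ever be an operand. The `HANDLERS` table, the function names, and the assumption that the helper honours the getopt-style `--` terminator are illustrative.

```python
import re
from urllib.parse import urlsplit

# Assumed scheme-to-helper table; the names are illustrative, not from the advisory.
HANDLERS = {"telnet": "telnet", "ssh": "ssh"}

# Host label: alphanumeric at both ends, hyphens only in the middle.
_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")


class RejectedURI(ValueError):
    """Raised when a URI must not be handed to an external helper."""


def valid_hostname(host):
    """Accept DNS names and dotted IPv4 only; no label may start with '-'."""
    if not host or len(host) > 253:
        return False
    labels = host.rstrip(".").split(".")
    return all(_LABEL.fullmatch(label) for label in labels)


def build_argv(uri):
    """Return the argument vector for the helper, or raise RejectedURI."""
    parts = urlsplit(uri)
    program = HANDLERS.get(parts.scheme)
    if program is None:
        raise RejectedURI("no handler for scheme %r" % parts.scheme)
    host = parts.hostname or ""
    if not valid_hostname(host):
        raise RejectedURI("hostname rejected: %r" % host)
    try:
        port = parts.port
    except ValueError as exc:
        raise RejectedURI("bad port in %r" % uri) from exc
    # "--" ends option parsing for getopt-style helpers (assumed here), so the
    # host stays an operand even if validation is ever loosened.
    argv = [program, "--", host]
    if port is not None:
        argv.append(str(port))
    return argv  # pass as a list to subprocess.run(argv); never via a shell


if __name__ == "__main__":
    # Constructed sample URIs.
    for sample in ("telnet://host.example:23/", "telnet://-flag.example/"):
        try:
            print(sample, "->", build_argv(sample))
        except RejectedURI as err:
            print(sample, "-> rejected:", err)
```

Rejecting the leading `-` and inserting `--` are independent layers: the first stops the malformed URI at the browser, the second keeps the helper from reinterpreting the host if the validation is later relaxed.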

References

CVE Name CVE-2004-0411
URL http://freebsd.kde.org/index.php#n20040517
URL http://www.idefense.com/application/poi/display?id=104&type=vulnerabilities
URL http://www.kde.org/info/security/advisory-20040517-1.txt