PublicDate: 2007-06-11 18:30:00 UTC
Candidate: CVE-2007-3143
References:
 http://www.securityfocus.com/bid/24352
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3143
Description:
 Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers
 to spoof the address bar and possibly conduct phishing attacks via a long
 hostname, which is truncated after a certain number of characters, as
 demonstrated by a phishing attack using HTTP Basic Authentication.
Ubuntu-Description:
Notes:
 jdstrand> CVE references konqueror 3.5.5, but securityfocus references
  opera. securityfocus says that other browsers may be affected, and there
  is test exploit code. Need to verify on konqueror.
 kees> this may already be solved from CVE-2007-3820, CVE-2007-4224, and
  CVE-2007-4225.
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:

upstream_opera: released (9.22)
dapper_opera: released (9.23-20070809.6dapper1)
edgy_opera: released (9.23-20070809.6edgy1)
feisty_opera: released (9.23-20070809.6feisty1)
gutsy_opera: released (9.25-20071214.6gutsy1)
devel_opera: released (9.25-20071214.6hardy1)

upstream_kdebase: not-affected (solved in other CVEs)
dapper_kdebase: not-affected (solved in other CVEs)
edgy_kdebase: not-affected (solved in other CVEs)
feisty_kdebase: not-affected (solved in other CVEs)
gutsy_kdebase: not-affected (solved in other CVEs)
devel_kdebase: not-affected (solved in other CVEs)