Candidate: CVE-2010-2536
PublicDate: 2010-08-02 21:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2536
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and
 earlier allow remote attackers to inject arbitrary web script or HTML via
 (1) a URL associated with a nonexistent domain name, related to
 webpage.cpp, aka a "universal XSS" issue; (2) unspecified vectors related
 to webview.cpp; and the about: views for (3) favorites, (4) bookmarks, (5)
 closed tabs, and (6) history.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_rekonq:
upstream_rekonq: released (0.5.0-2)
dapper_rekonq: DNE
hardy_rekonq: DNE
jaunty_rekonq: DNE
karmic_rekonq: ignored (reached end-of-life)
lucid_rekonq: ignored (reached end-of-life)
maverick_rekonq: not-affected (0.6.0-0ubuntu1)
natty_rekonq: not-affected (0.6.0-0ubuntu1)
oneiric_rekonq: not-affected (0.6.0-0ubuntu1)
precise_rekonq: not-affected (0.6.0-0ubuntu1)
quantal_rekonq: not-affected (0.6.0-0ubuntu1)
raring_rekonq: not-affected (0.6.0-0ubuntu1)
saucy_rekonq: not-affected (0.6.0-0ubuntu1)
devel_rekonq: not-affected (0.6.0-0ubuntu1)