Bug 56109 - net-www/netscape-communicator: Frame Injection Vulnerability
Summary: net-www/netscape-communicator: Frame Injection Vulnerability
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
Importance: High normal
Assignee: Gentoo Security
URL: http://secunia.com/advisories/11978/
Whiteboard: A3 [glsa?] jaervosz
Reported: 2004-07-05 00:47 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2011-10-30 22:38 UTC
Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-07-05 00:47:17 UTC
Description from Secunia:

Description:
A 6 year old vulnerability has been discovered in multiple browsers, allowing malicious people to spoof the content of websites.
 
 The problem is that the browsers don't check if a target frame belongs to a website containing a malicious link, which therefore doesn't prevent one browser window from loading content in a named frame in another window.
 
 Successful exploitation allows a malicious website to load arbitrary content in an arbitrary frame in another browser window owned by e.g. a trusted site.
 
 Secunia has constructed a test, which can be used to check if your browser is affected by this issue:

http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/

Just tested Konqueror 3.2.2 and it is vulnerable. mozilla-firefox-0.8-r3 seems not to suffer from this.
Comment 1 Thierry Carrez (RETIRED) gentoo-dev 2004-07-05 02:10:42 UTC
Hardly exploitable, but should be fixed.

Affected packages :
net-www/opera
net-www/mozilla
net-www/firefox
kde-base/kdebase (Konqueror)
...?

Fixed packages :
net-www/firefox >=0.9
net-www/mozilla >=1.7

Waiting for upstream fixes for Opera and Konqueror.
Comment 2 Dan Margolis (RETIRED) gentoo-dev 2004-07-05 14:36:08 UTC
net-www/netscape-navigator is vulnerable (I'm assuming net-www/netscape-communicator is as well). Note that I tested this on OSX, but it should be vulnerable on Linux as well. 

Who still uses Netscape, anyway? ;)
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-07-07 14:03:12 UTC
Opera fixed with bug #56311

Patch available for Konqueror

http://bugs.kde.org/show_bug.cgi?id=84352

Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2004-07-07 14:06:14 UTC
KDE team: could you please look into the fix for Konqueror and issue a fixed ebuild?
For netscape-communicator, I suppose there won't be a fix so we might need to mask it.
Comment 5 Caleb Tennis (RETIRED) gentoo-dev 2004-07-08 07:00:33 UTC
I'd like to see a little more conversation on the KDE bug site and find out what their plan is before I commit anything here.  If it's a serious problem, they'll issue a security advisory.  My guess is that the patch that's in that bug still has a little bit of work left.
Comment 6 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-08-05 23:27:09 UTC
mozilla(-bin) and firefox seem to be fixed with bug #59419
Comment 7 Thierry Carrez (RETIRED) gentoo-dev 2004-08-06 02:42:31 UTC
Moz and Firefox are fixed since 1.7 / 0.9, see comment above.
Konqueror and Netscape-Communicator are the only ones left to fix.
Changing title to reflect this.
Comment 8 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-08-11 11:34:36 UTC
Konqueror fixed with bug #60068
Comment 9 Mamoru KOMACHI (RETIRED) gentoo-dev 2004-08-17 14:10:52 UTC
I agree to p.mask net-www/netscape-*. The latest portage is clever enough to show the reason of p.mask extracted from package.mask, so I would assume it's okay to keep them in our tree even though they are vulnerable to the exploit.
Comment 10 Aron Griffis (RETIRED) gentoo-dev 2004-08-18 12:37:49 UTC
ok, netscape-communicator and netscape-navigator are package.mask'd
Comment 11 Thierry Carrez (RETIRED) gentoo-dev 2004-09-02 06:36:34 UTC
This is ready for GLSA or close...
Comment 12 Thierry Carrez (RETIRED) gentoo-dev 2004-09-03 07:05:26 UTC
Closing without GLSA.