MidnightBSD

Advisories for adjam

CVE-2010-2536 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) a URL associated with a nonexistent domain name, related to webpage.cpp, aka a "universal XSS" issue; (2) unspecified vectors related to webview.cpp; and the about: views for (3) favorites, (4) bookmarks, (5) closed tabs, and (6) history.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
adjam rekonq 0.3.0
adjam rekonq 0.1
adjam rekonq 0.4.95
adjam rekonq 0.0.3
adjam rekonq 0.1.98
adjam rekonq 0.2.90
adjam rekonq 0.0.2
adjam rekonq 0.2.0
adjam rekonq 0.3.90
adjam rekonq 0.1.95
adjam rekonq 0.4.0
adjam rekonq 0.1.0
adjam rekonq 0.0.1
adjam rekonq 0.0.4
adjam rekonq 0.4.90
adjam rekonq *
CVE-2011-3366 MEDIUM

Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
adjam rekonq 0.3.0
adjam rekonq 0.5.80
adjam rekonq 0.6.1
adjam rekonq 0.1
adjam rekonq 0.4.95
adjam rekonq 0.0.3
adjam rekonq 0.1.98
adjam rekonq 0.2.90
adjam rekonq 0.0.2
adjam rekonq 0.6.85
adjam rekonq 0.6.0
adjam rekonq 0.2.0
adjam rekonq 0.6.95
adjam rekonq 0.3.90
adjam rekonq 0.1.95
adjam rekonq 0.4.0
adjam rekonq 0.5.0
adjam rekonq 0.1.0
adjam rekonq 0.0.1
adjam rekonq 0.0.4
adjam rekonq 0.6.80
adjam rekonq 0.4.90
adjam rekonq *