CVE-2010-2536

Published Aug 2, 2010

Last updated 3 months ago

CVSS info 4.3

Overview

Description: Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) a URL associated with a nonexistent domain name, related to webpage.cpp, aka a "universal XSS" issue; (2) unspecified vectors related to webview.cpp; and the about: views for (3) favorites, (4) bookmarks, (5) closed tabs, and (6) history.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "857307D6-88D4-4930-9B0C-E03AB8E58D7A",
            "versionEndIncluding": "0.5.0"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DACB212C-B647-45B6-AD16-8AC002D384C0"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "932EB133-4D74-431F-9822-5326465975FC"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF892A30-8643-4028-9FA1-27E09A721952"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DDD8F42-E60E-4F8A-AF10-198325CF4E04"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.1:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF1D5711-1DF7-4C6C-8760-8E43602FF74D"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77D9763E-20FA-4ED7-B1B7-E1D347AAF7AD"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.1.95:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "000726CE-F886-4728-B70C-B22B913EDED6"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.1.98:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C83A2F59-3D4E-4312-A601-E54BA47C0AFE"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20102860-630D-4374-BF0A-69E6D6CB2B2C"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.2.90:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0193DE99-8FAE-4A46-8BB9-D2E771A94964"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D43FD182-7BE8-415E-9F2E-850402BE8983"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.3.90:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A36420B-DF83-4BF4-BC71-400E62CD4F29"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A03BAD13-C4B4-40CA-981D-2837627A9A1F"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.4.90:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BA611B9-2FD7-451B-B8A0-042C91312972"
          },
          {
            "criteria": "cpe:2.3:a:adjam:rekonq:0.4.95:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75CCFA73-DD3B-4DC6-A81A-7304E3F260DC"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References