Version: (using KDE KDE 3.4.90)
Installed from: Gentoo Packages
OS: Linux

I was making the browser security test on http://bcheck.scanit.be/bcheck/ and konqueror crashed at test 34. Using kde 3.5beta1.
I cannot reproduce. Can you paste the backtrace? Make sure Kaffeine is not enabled either.
No crash here, but one test failed:

Browser Security Test Results

Dear Customer,

The Browser Security Test is finished. Please find the results below:

High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 1
Low Risk Vulnerabilities 0

New bugs keep coming! Sign up for announcements of new tests. Questions about the test? Read the FAQ. Still having questions? Send us your feedback. Want to know how everyone else is doing on Browser Test? Check our statistics. Help! My browser is hijacked! Read our step by step tutorial on how to clean your computer from browser hijackers and unwanted adware.

Medium Risk Vulnerabilities

Mozilla Link Onclick Cross Domain Scripting Vulnerability (ldy20030416)

Description

This bug can allow a malicious web site to access your data on other web sites. For example it can be used to read your mail from a web mail system. Mozilla is an open source browser. From Netscape 6 onwards, Mozilla's source code has been used to create Netscape browser. As a result, Netscape suffers from many of the same vulnerabilities as Mozilla. Other browsers, such as Galeon, Phoenix, Camino (Chimera) also use Mozilla's source code and can be vulnerable too.

Technical Details

When Mozilla starts loading a new page in a window various objects on the old page remain available for a short period of time. However the domain changes immediately to the domain of the new page. During this short period it is possible to execute the JavaScript code defined by the old page in the context of new page. This problem can be exploited as follows:

When a user surfs to a malicious web page the page opens another window with a document from the same web site. This page should contain a link that has an "onclick" property defined.
The code on malicious page saves a reference to the onclick function of the link in another window.
Then it starts loading a page from a target web site in the window where the link is.
While the new page is loaded the onclick function is called by its saved reference. The function is executed in the context of the target web site and has access to cookies and other information for that web site.

Recommendations

Netscape users need to upgrade to Netscape 7.1 or later to fix this vulnerability.
Mozilla users need to upgrade to version 1.3.1, 1.4b or later.
Galeon users - upgrade your Mozilla installation to version 1.4b or later and upgrade to Galeon version that supports it (1.2.5 or later).
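A toy model of the timing window described in the pasted test result above, added here as an illustration; it is not part of any comment in this report and is not Mozilla or Konqueror code. The origins, cookie values and the names `ToyWindow`, `invokeLegacy` and `invokeChecked` are constructed, and the creator-origin check is an assumed mitigation, not the fix that was actually shipped.

```javascript
// Constructed cookie jar: one entry per origin (all values are made up).
const cookieJar = new Map([
  ["https://old-page.example", "visitor=1"],
  ["https://mail.example", "session=CONSTRUCTED-SECRET"],
]);

class ToyWindow {
  constructor(origin) {
    this.documentOrigin = origin;
  }
  // A handler records which origin's page defined it.
  defineHandler(body) {
    return { body, creatorOrigin: this.documentOrigin };
  }
  // As in the description: the domain switches at once, while references
  // to the old page's objects held in another window stay callable.
  navigate(newOrigin) {
    this.documentOrigin = newOrigin;
  }
}

// Flawed policy: the handler runs with whatever origin the window has now.
function invokeLegacy(win, handler) {
  return handler.body({ cookie: cookieJar.get(win.documentOrigin) });
}

// Checked policy (assumption): a handler may only run against a document
// from the same origin that defined it.
function invokeChecked(win, handler) {
  if (handler.creatorOrigin !== win.documentOrigin) {
    throw new Error(
      `blocked: handler from ${handler.creatorOrigin} called in ${win.documentOrigin}`
    );
  }
  return invokeLegacy(win, handler);
}

function demo() {
  const popup = new ToyWindow("https://old-page.example");
  const saved = popup.defineHandler((ctx) => ctx.cookie); // reference kept elsewhere
  popup.navigate("https://mail.example");                 // domain changes immediately
  const legacy = invokeLegacy(popup, saved);              // old code, new context
  let checked;
  try { checked = invokeChecked(popup, saved); } catch (e) { checked = e.message; }
  return { legacy, checked };
}

console.log(demo());
```
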
No, George, you're not allowed to hijack this bug. Open one for yourself :-)
Test 34 fails crashes konqueror (svn 3.5 branch today) with the following backtrace:

Using host libthread_db library "/lib/tls/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1231735104 (LWP 22639)]
[KCrash handler]
#7 0x00000018 in ?? ()
#8 0xb71760fd in qt_inheritedBy (superClass=0x82d4f00, object=0x85f2b80) at kernel/qobject.cpp:596
#9 0xb63f1dc2 in qt_cast<KHTMLPart*> () from /usr/local/kde3.5/lib/kde3/libsearchbarplugin.so
#10 0xb62dc169 in KJS::Window::retrieve () from /usr/local/kde3.5/lib/libkhtml.so.4
#11 0xb62dc262 in KJS::Window::retrieveWindow () from /usr/local/kde3.5/lib/libkhtml.so.4
#12 0xb615c0d9 in KHTMLPart::begin () from /usr/local/kde3.5/lib/libkhtml.so.4
#13 0xb614c44a in KHTMLPart::slotData () from /usr/local/kde3.5/lib/libkhtml.so.4
#14 0xb61703c1 in KHTMLPart::qt_invoke () from /usr/local/kde3.5/lib/libkhtml.so.4
#15 0xb717a4d7 in QObject::activate_signal (this=0x8515ea8, clist=0x86466d0, o=0xbfffe1b0) at kernel/qobject.cpp:2356
#16 0xb7d8691c in KIO::TransferJob::data () from /usr/local/kde3.5/lib/libkio.so.4
#17 0xb7d8698d in KIO::TransferJob::slotData () from /usr/local/kde3.5/lib/libkio.so.4
#18 0xb7d96984 in KIO::TransferJob::qt_invoke () from /usr/local/kde3.5/lib/libkio.so.4
#19 0xb717a4d7 in QObject::activate_signal (this=0x84a41e0, clist=0x84a4be8, o=0xbfffe2c4) at kernel/qobject.cpp:2356
#20 0xb7d749d2 in KIO::SlaveInterface::data () from /usr/local/kde3.5/lib/libkio.so.4
#21 0xb7d78574 in KIO::SlaveInterface::dispatch () from /usr/local/kde3.5/lib/libkio.so.4
#22 0xb7d755e1 in KIO::SlaveInterface::dispatch () from /usr/local/kde3.5/lib/libkio.so.4
#23 0xb7d725bb in KIO::Slave::gotInput () from /usr/local/kde3.5/lib/libkio.so.4
#24 0xb7d728b9 in KIO::Slave::qt_invoke () from /usr/local/kde3.5/lib/libkio.so.4
#25 0xb717a4d7 in QObject::activate_signal (this=0x84a3a88, clist=0x84a4458, o=0xbfffe698) at kernel/qobject.cpp:2356
#26 0xb717ae25 in QObject::activate_signal (this=0x84a3a88, signal=2, param=18) at kernel/qobject.cpp:2449
#27 0xb750da08 in QSocketNotifier::activated (this=0x84a3a88, t0=18) at .moc/debug-shared-mt/moc_qsocketnotifier.cpp:85
#28 0xb719b249 in QSocketNotifier::event (this=0x84a3a88, e=0xbfffe970) at kernel/qsocketnotifier.cpp:258
#29 0xb71104e4 in QApplication::internalNotify (this=0xbfffecc4, receiver=0x84a3a88, e=0xbfffe970) at kernel/qapplication.cpp:2635
#30 0xb71106fc in QApplication::notify (this=0xbfffecc4, receiver=0x84a3a88, e=0xbfffe970) at kernel/qapplication.cpp:2358
#31 0xb77d59f7 in KApplication::notify () from /usr/local/kde3.5/lib/libkdecore.so.4
#32 0xb70a2de3 in QApplication::sendEvent (receiver=0x84a3a88, event=0xbfffe970) at qapplication.h:496
#33 0xb71018c5 in QEventLoop::activateSocketNotifiers (this=0x810f5a8) at kernel/qeventloop_unix.cpp:578
#34 0xb70b6598 in QEventLoop::processEvents (this=0x810f5a8, flags=4) at kernel/qeventloop_x11.cpp:383
#35 0xb7128856 in QEventLoop::enterLoop (this=0x810f5a8) at kernel/qeventloop.cpp:198
#36 0xb712877f in QEventLoop::exec (this=0x810f5a8) at kernel/qeventloop.cpp:145
#37 0xb710f06d in QApplication::exec (this=0xbfffecc4) at kernel/qapplication.cpp:2758
#38 0xb67c9aa2 in kdemain () from /usr/local/kde3.5/lib/libkdeinit_konqueror.so
#39 0xb76ee7a0 in kdeinitmain () from /usr/local/kde3.5/lib/kde3/konqueror.so
#40 0x0804df04 in launch ()
#41 0x0804e5f9 in handle_launcher_request ()
#42 0x0804ecc9 in handle_requests ()
#43 0x0804fb7c in main ()
*** This bug has been marked as a duplicate of 112905 ***