CVE-2016-7966 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-7966 Interim 1 18 2023-12-08T01:46:01Z current 2021-05-30T13:46:29Z 2023-12-08T01:46:01Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-7966 Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub 12 SP1 openSUSE Leap 15.0 openSUSE Leap 15.2 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Tumbleweed kcoreaddons-5.20.0-6.1 kcoreaddons-5.29.0-1.1 kcoreaddons-5.45.0-lp150.1.2 kcoreaddons-5.71.0-lp152.1.1 kcoreaddons-5.76.0-bp153.1.16 kcoreaddons-5.90.0-150400.1.4 kcoreaddons-devel-32bit-5.29.0-1.1 kcoreaddons-devel-5.20.0-6.1 kcoreaddons-devel-5.29.0-1.1 kcoreaddons-lang-5.20.0-6.1 kcoreaddons-lang-5.29.0-1.1 kcoreaddons-lang-5.45.0-lp150.1.2 kcoreaddons-lang-5.71.0-lp152.1.1 kcoreaddons-lang-5.76.0-bp153.1.16 kcoreaddons-lang-5.90.0-150400.1.4 libKF5CoreAddons5-32bit-5.29.0-1.1 libKF5CoreAddons5-5.20.0-6.1 libKF5CoreAddons5-5.29.0-1.1 libKF5CoreAddons5-5.45.0-lp150.1.2 libKF5CoreAddons5-5.71.0-lp152.1.1 libKF5CoreAddons5-5.76.0-bp153.1.16 libKF5CoreAddons5-5.90.0-150400.1.4 kcoreaddons-5.20.0-6.1 as a component of SUSE Package Hub 12 SP1 kcoreaddons-devel-5.20.0-6.1 as a component of SUSE Package Hub 12 SP1 kcoreaddons-lang-5.20.0-6.1 as a component of SUSE Package Hub 12 SP1 libKF5CoreAddons5-5.20.0-6.1 as a component of SUSE Package Hub 12 SP1 kcoreaddons-5.45.0-lp150.1.2 as a component of openSUSE Leap 15.0 kcoreaddons-lang-5.45.0-lp150.1.2 as a component of openSUSE Leap 15.0 libKF5CoreAddons5-5.45.0-lp150.1.2 as a component of openSUSE Leap 15.0 kcoreaddons-5.71.0-lp152.1.1 as a component of openSUSE Leap 15.2 kcoreaddons-lang-5.71.0-lp152.1.1 as a component of openSUSE Leap 15.2 libKF5CoreAddons5-5.71.0-lp152.1.1 as a component of openSUSE Leap 15.2 kcoreaddons-5.76.0-bp153.1.16 as a component of openSUSE Leap 15.3 kcoreaddons-lang-5.76.0-bp153.1.16 as a component of openSUSE Leap 15.3 libKF5CoreAddons5-5.76.0-bp153.1.16 as a component of openSUSE Leap 15.3 kcoreaddons-5.90.0-150400.1.4 as a component of openSUSE Leap 15.4 kcoreaddons-lang-5.90.0-150400.1.4 as a component of openSUSE Leap 15.4 libKF5CoreAddons5-5.90.0-150400.1.4 as a component of openSUSE Leap 15.4 kcoreaddons-5.29.0-1.1 as a component of openSUSE Tumbleweed kcoreaddons-devel-5.29.0-1.1 as a component of openSUSE Tumbleweed kcoreaddons-devel-32bit-5.29.0-1.1 as a component of openSUSE Tumbleweed kcoreaddons-lang-5.29.0-1.1 as a component of openSUSE Tumbleweed libKF5CoreAddons5-5.29.0-1.1 as a component of openSUSE Tumbleweed libKF5CoreAddons5-32bit-5.29.0-1.1 as a component of openSUSE Tumbleweed Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content. CVE-2016-7966 SUSE Package Hub 12 SP1:kcoreaddons-5.20.0-6.1 SUSE Package Hub 12 SP1:kcoreaddons-devel-5.20.0-6.1 SUSE Package Hub 12 SP1:kcoreaddons-lang-5.20.0-6.1 SUSE Package Hub 12 SP1:libKF5CoreAddons5-5.20.0-6.1 openSUSE Leap 15.0:kcoreaddons-5.45.0-lp150.1.2 openSUSE Leap 15.0:kcoreaddons-lang-5.45.0-lp150.1.2 openSUSE Leap 15.0:libKF5CoreAddons5-5.45.0-lp150.1.2 openSUSE Leap 15.2:kcoreaddons-5.71.0-lp152.1.1 openSUSE Leap 15.2:kcoreaddons-lang-5.71.0-lp152.1.1 openSUSE Leap 15.2:libKF5CoreAddons5-5.71.0-lp152.1.1 openSUSE Leap 15.3:kcoreaddons-5.76.0-bp153.1.16 openSUSE Leap 15.3:kcoreaddons-lang-5.76.0-bp153.1.16 openSUSE Leap 15.3:libKF5CoreAddons5-5.76.0-bp153.1.16 openSUSE Leap 15.4:kcoreaddons-5.90.0-150400.1.4 openSUSE Leap 15.4:kcoreaddons-lang-5.90.0-150400.1.4 openSUSE Leap 15.4:libKF5CoreAddons5-5.90.0-150400.1.4 openSUSE Tumbleweed:kcoreaddons-5.29.0-1.1 openSUSE Tumbleweed:kcoreaddons-devel-5.29.0-1.1 openSUSE Tumbleweed:kcoreaddons-devel-32bit-5.29.0-1.1 openSUSE Tumbleweed:kcoreaddons-lang-5.29.0-1.1 openSUSE Tumbleweed:libKF5CoreAddons5-5.29.0-1.1 openSUSE Tumbleweed:libKF5CoreAddons5-32bit-5.29.0-1.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L