Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2007-1308

Published: 07/03/2007 Updated: 16/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Konqueror

Vulnerability Summary

ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote malicious users to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.

Vulnerable Product Search on Vulmon Subscribe to Product

kde konqueror 3.5.5

Vendor Advisories

Ubuntu Security Notice: kdelibs vulnerabilities
It was discovered that Konqueror did not correctly handle iframes from JavaScript If a user were tricked into visiting a malicious website, Konqueror could crash, resulting in a denial of service (CVE-2007-1308) ...

Exploits

Exploit DB: KDE Konqueror 3.5 - JavaScript IFrame Denial of Service
source: wwwsecurityfocuscom/bid/22814/info KDE Konqueror is prone to a remote denial-of-service vulnerability because of an error in KDE's JavaScript implementation An attacker may exploit this vulnerability to cause Konquerer to crash, resulting in denial-of-service conditions Konqueror included with KDE version 355 is vulnerable; ...

References

CWE-399http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052793.htmlhttp://bindshell.net/advisories/konq355http://bindshell.net/advisories/konq355/konq355-patch.diffhttp://www.securityfocus.com/bid/22814http://www.ubuntu.com/usn/usn-447-1http://www.mandriva.com/security/advisories?name=MDKSA-2007:054http://www.redhat.com/support/errata/RHSA-2007-0909.htmlhttp://secunia.com/advisories/27108http://securityreason.com/securityalert/2345http://www.vupen.com/english/advisories/2007/0886https://exchange.xforce.ibmcloud.com/vulnerabilities/32798https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10551http://www.securityfocus.com/archive/1/461897/100/0/threadedhttps://usn.ubuntu.com/447-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/29713/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook