PT-2003-2423 · Kde · Kde Konqueror
Published: 2003-12-31 · Updated: 2017-07-29 · CVE-2003-1478
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
KDE Konqueror version 3.0.3
Description
The issue allows remote attackers to cause a denial of service, resulting in a core dump, via a malicious web page. The page must begin with the byte sequence "\xFF\xFE" and contain a large number of CRLF sequences.
Recommendations
For KDE Konqueror version 3.0.3, consider avoiding web pages with suspicious byte sequences and CRLF sequences until a patch is available. As a temporary workaround, restrict access to untrusted web pages to minimize the risk of exploitation.
Exploit
Fix
Buffer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Kde Konqueror