PT-2008-5747 · Kde · Kde Konqueror

Jeremy Brown

Published

2008-10-09

Updated

2017-09-29

CVE-2008-4514

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: KDE Konqueror version 3.5.9

Description: The issue concerns the HTML parser, which can be exploited by remote attackers to cause a denial of service, resulting in an application crash. This is achieved by using a font tag with a long color value, triggering an assertion error.

Recommendations: For KDE Konqueror version 3.5.9, consider updating to a newer version that addresses this issue, as the current version is prone to crashes due to the described exploit.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2008-4514

Affected Products

Kde Konqueror

PT-2008-5747 · Kde · Kde Konqueror

CVE-2008-4514

Weakness Enumeration

Related Identifiers

Affected Products

References · 5