ID CVE-2007-1308
Summary ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
References
Vulnerable Configurations
  • cpe:2.3:a:kde:konqueror:3.5.5
    cpe:2.3:a:kde:konqueror:3.5.5
CVSS
Base: 4.3 (as of 07-03-2007 - 21:08)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description KDE Konqueror 3.5 JavaScript IFrame Denial of Service Vulnerability. CVE-2007-1308. Dos exploit for linux platform
id EDB-ID:29713
last seen 2016-02-03
modified 2007-03-05
published 2007-03-05
reporter mark
source https://www.exploit-db.com/download/29713/
title KDE Konqueror 3.5 JavaScript IFrame Denial of Service Vulnerability
nessus via4
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20071008_KDELIBS_ON_SL5_X.NASL
    description Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1564) Two Konqueror address spoofing flaws have been discovered. It was possible for a malicious website to cause the Konqueror address bar to display information which could trick a user into believing they are at a different website than they actually are. (CVE-2007-3820, CVE-2007-4224)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60263
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60263
    title Scientific Linux Security Update : kdelibs on SL5.x, SL4.x i386/x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0909.NASL
    description From Red Hat Security Advisory 2007:0909 : Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1564) Two Konqueror address spoofing flaws have been discovered. It was possible for a malicious website to cause the Konqueror address bar to display information which could trick a user into believing they are at a different website than they actually are. (CVE-2007-3820, CVE-2007-4224) Users of KDE should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 67574
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67574
    title Oracle Linux 4 / 5 : kdelibs (ELSA-2007-0909)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-054.NASL
    description ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference. Updated packages have been patched to address this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 24804
    published 2007-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24804
    title Mandrake Linux Security Advisory : kdelibs (MDKSA-2007:054)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0909.NASL
    description Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1564) Two Konqueror address spoofing flaws have been discovered. It was possible for a malicious website to cause the Konqueror address bar to display information which could trick a user into believing they are at a different website than they actually are. (CVE-2007-3820, CVE-2007-4224) Users of KDE should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 26974
    published 2007-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26974
    title CentOS 4 / 5 : kdelibs (CESA-2007:0909)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0909.NASL
    description Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1564) Two Konqueror address spoofing flaws have been discovered. It was possible for a malicious website to cause the Konqueror address bar to display information which could trick a user into believing they are at a different website than they actually are. (CVE-2007-3820, CVE-2007-4224) Users of KDE should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 26952
    published 2007-10-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26952
    title RHEL 4 / 5 : kdelibs (RHSA-2007:0909)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-447-1.NASL
    description It was discovered that Konqueror did not correctly handle iframes from JavaScript. If a user were tricked into visiting a malicious website, Konqueror could crash, resulting in a denial of service. (CVE-2007-1308) A flaw was discovered in how Konqueror handled PASV FTP responses. If a user were tricked into visiting a malicious FTP server, a remote attacker could perform a port-scan of machines within the user's network, leading to private information disclosure. (CVE-2007-1564). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28044
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28044
    title Ubuntu 5.10 / 6.06 LTS / 6.10 : kdelibs vulnerabilities (USN-447-1)
oval via4
accepted 2013-04-29T04:06:38.682-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
family unix
id oval:org.mitre.oval:def:10551
status accepted
submitted 2010-07-09T03:56:16-04:00
title ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
version 24
redhat via4
advisories
rhsa
id RHSA-2007:0909
rpms
  • kdelibs-6:3.3.1-9.el4
  • kdelibs-devel-6:3.3.1-9.el4
  • kdelibs-6:3.5.4-13.el5
  • kdelibs-apidocs-6:3.5.4-13.el5
  • kdelibs-devel-6:3.5.4-13.el5
refmap via4
bid 22814
bugtraq 20070304 Konqueror DoS Via JavaScript Read Of FTP Iframe
fulldisc 20070304 Konqueror DoS Via JavaScript Read Of FTP Iframe
mandriva MDKSA-2007:054
misc
secunia 27108
sreason 2345
ubuntu USN-447-1
vupen ADV-2007-0886
xf konqueror-ftp-dos(32798)
Last major update 07-03-2011 - 21:51
Published 06-03-2007 - 19:19
Last modified 16-10-2018 - 12:37
Back to Top