ID CVE-2008-4382
Summary Konqueror in KDE 3.5.9 allows remote attackers to cause a denial of service (application crash) via Javascript that calls the alert function with a URL-encoded string of a large number of invalid characters.
References
Vulnerable Configurations
  • cpe:2.3:a:kde:konqueror:3.5.9
    cpe:2.3:a:kde:konqueror:3.5.9
CVSS
Base: 5.0 (as of 03-10-2008 - 09:13)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
refmap via4
bugtraq 20080930 Re: MS Internet Explorer 7 Denial Of Service Exploit
xf konqueror-alert-function-dos(45645)
statements via4
contributor Joshua Bressers
lastmodified 2017-08-07
organization Red Hat
statement We do not consider a crash of a client application such as Konqueror to be a security issue.
Last major update 10-10-2008 - 02:02
Published 02-10-2008 - 14:18
Last modified 11-10-2018 - 16:51
Back to Top