ID CVE-2007-4229
Summary Unspecified vulnerability in KDE Konqueror 3.5.7 and earlier allows remote attackers to cause a denial of service (failed assertion and application crash) via certain malformed HTML, as demonstrated by a document containing TEXTAREA, BUTTON, BR, BDO, PRE, FRAMESET, and A tags. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References
Vulnerable Configurations
  • cpe:2.3:a:kde:konqueror:*:*:*:*:*:*:*:*
    cpe:2.3:a:kde:konqueror:*:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 15-10-2018 - 21:34)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bid 25170
bugtraq 20070801 [BuHa-Security] DoS Vulnerability in Konqueror 3.5.7
misc http://downloads.securityfocus.com/vulnerabilities/exploits/25170.html
osvdb 42552
statements via4
  • contributor Vincent Danen
    lastmodified 2007-09-18
    organization Mandriva
    statement Mandriva does not consider crashes of client applications such as Konqueror to be a security issue.
  • contributor Joshua Bressers
    lastmodified 2007-08-09
    organization Red Hat
    statement Red Hat does not consider a crash of a client application such as Konqueror to be a security flaw.
Last major update 15-10-2018 - 21:34
Published 08-08-2007 - 22:17
Back to Top