Denial of Service Vulnerability in Kmail by KDE
CVE-2006-7139

Currently unrated

Key Information:

Vendor

Kde

Status
K-mail
Vendor
CVE Published:
7 March 2007

What is CVE-2006-7139?

An issue in Kmail 1.9.1 on KDE 3.5.2 exists where enabling the 'Prefer HTML to Plain Text' feature can lead to a denial of service. This vulnerability allows remote attackers to send specially crafted HTML emails containing certain table and frameset tags, which can trigger a segmentation fault and potentially result in a crash due to invalid memory operations.

References

http://secunia.com/advisories/24889
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/448766/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.novell.com/linux/security/advisories/2007_6_sr...
vendor-advisoryx_refsource_SUSE

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.