Denial of Service Vulnerability in Konqueror Web Browser by KDE
CVE-2007-1308

Currently unrated

Key Information:

Vendor

Kde

Status
Konqueror
Vendor
CVE Published:
7 March 2007

What is CVE-2007-1308?

The issue in Konqueror arises from the handling of JavaScript in the ecma/kjs_html.cpp file, which can lead to a denial of service condition. When a remote attacker accesses an iframe that contains an ftp:// URI in its src attribute, it may trigger a NULL pointer dereference, causing the browser to crash. This vulnerability affects users of KDE 3.5.5 and underscores the importance of regularly updating software to mitigate such risks.

References

http://www.securityfocus.com/bid/22814
vdb-entryx_refsource_BID
http://www.redhat.com/support/errata/RHSA-2007-0909.html
vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/archive/1/461897/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.