Denial of Service Vulnerability in Konqueror 3.5.5 from KDE
CVE-2007-2164

Currently unrated

Key Information:

Vendor: Kde
Status: Konqueror
Vendor: CVE Published:; 22 April 2007

What is CVE-2007-2164?

A vulnerability in Konqueror 3.5.5 can be exploited by remote attackers to initiate a denial of service, manifesting as a browser crash or abrupt termination. This occurs through the execution of malicious JavaScript, particularly using regular expressions that match against excessively long strings. This behavior has been documented and can be demonstrated with the use of the regex /(.)*/.

References

http://www.securityfocus.com/archive/1/466147/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://securityreason.com/securityalert/2600

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/466017/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2007
Vulnerability Reserved
Apr 22, 2007

CVE-2007-2164 Data

JSON

Kde

What is CVE-2007-2164?

References

Timeline