Denial of Service Vulnerability in KDE Konqueror by KDE
CVE-2008-5712

Currently unrated

Key Information:

Vendor

Kde

Status
Konqueror
Vendor
CVE Published:
24 December 2008

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2008-5712?

The HTML parser in KDE Konqueror 3.5.9 has a vulnerability that enables remote attackers to trigger a denial of service condition. This can occur through specially crafted HTML elements where specific attributes like COLOR, BGCOLOR, or BORDERCOLOR are excessively long, leading to application crashes during parsing. This vulnerability can impact user experience and system availability, making it important for users to ensure they are protected against such attacks.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-5712 - Proof of Concept

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47696
vdb-entryx_refsource_XF
https://www.exploit-db.com/exploits/6704
exploitx_refsource_EXPLOIT-DB
http://securityreason.com/securityalert/4806
third-party-advisoryx_refsource_SREASON

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.