Summary
This host is running Konqueror and is prone to Denial of Service Vulnerability.
Impact
Successful exploitation will allow attacker to trigger the use of a deleted object within the HTMLTokenizer::scriptHandler() method and can cause a crash.
Solution
Upgrade to KDE Konqueror version 4.4.3 or later.
For updates refer to http://www.kde.org/download
Insight
These flaws are due to,
- improper handling of JavaScript document.load Function calls targeting the current document which can cause denial of service.
- HTML parser in KDE Konqueror causes denial of service via a long attribute in HR element or a long BGCOLOR or BORDERCOLOR.
Affected
Konqueror in KDE version 3.5.10 or prior.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2008-4514, CVE-2008-5712 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities