CVE-2007-1308
CVE-2007-1308
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/29713unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bindshell.net/advisories/konq355http://bindshell.net/advisories/konq355/konq355-patch.diffhttp://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052793.htmlhttp://secunia.com/advisories/27108http://securityreason.com/securityalert/2345https://exchange.xforce.ibmcloud.com/vulnerabilities/32798https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10551http://www.mandriva.com/security/advisories?name=MDKSA-2007:054http://www.redhat.com/support/errata/RHSA-2007-0909.htmlhttp://www.securityfocus.com/archive/1/461897/100/0/threadedhttp://www.securityfocus.com/bid/22814http://www.ubuntu.com/usn/usn-447-1