KDE : Security Vulnerabilities, CVEs, Published In 2008 (Denial of service)
Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image.
Max CVSS
9.3
EPSS Score
3.86%
Published
2008-04-28
Updated
2017-08-08
start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes.
Max CVSS
4.6
EPSS Score
0.04%
Published
2008-04-28
Updated
2017-08-08
Konqueror in KDE 3.5.9 allows remote attackers to cause a denial of service (application crash) via Javascript that calls the alert function with a URL-encoded string of a large number of invalid characters.
Max CVSS
5.0
EPSS Score
0.26%
Published
2008-10-02
Updated
2018-10-11
HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information.
Max CVSS
4.3
EPSS Score
1.48%
Published
2008-12-22
Updated
2017-09-29
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or (4) TR element. NOTE: the FONT vector is already covered by CVE-2008-4514.
Max CVSS
5.0
EPSS Score
0.58%
Published
2008-12-24
Updated
2017-09-29
5 vulnerabilities found