The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or (4) TR element. NOTE: the FONT vector is already covered by CVE-2008-4514.
Max CVSS
5.0
EPSS Score
0.58%
Published
2008-12-24
Updated
2017-09-29
HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information.
Max CVSS
4.3
EPSS Score
1.48%
Published
2008-12-22
Updated
2017-09-29
Konqueror in KDE 3.5.9 allows remote attackers to cause a denial of service (application crash) via Javascript that calls the alert function with a URL-encoded string of a large number of invalid characters.
Max CVSS
5.0
EPSS Score
0.26%
Published
2008-10-02
Updated
2018-10-11
3 vulnerabilities found