Lucene search

[email protected]CVE-2008-5712

HistoryDec 24, 2008 - 6:29 p.m.

CVE-2008-5712

2008-12-2418:29:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-5712

html parser

denial of service

konqueror 3.5.9

remote attackers

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

78.0%

JSON

The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or (4) TR element. NOTE: the FONT vector is already covered by CVE-2008-4514.

CPENameOperatorVersion
kde:konquerorkde konqueroreq3.5.9

CPE	Name	Operator	Version
kde:konqueror	kde konqueror	eq	3.5.9

References

securityreason.com/securityalert/4806

exchange.xforce.ibmcloud.com/vulnerabilities/47696

www.exploit-db.com/exploits/6704

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

78.0%

JSON

Related for CVE-2008-5712

ubuntucve2 prion2 cvelist2 openvas2 redhatcve2 cve1