Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-1478

CWE-119Buffer Overflow4 documents4 sources
Severity
4.3MEDIUM
EPSS
2.4%
top 15.06%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
KDE Konqueror
Timeline
PublishedDec 31
Latest updateApr 29

Description

Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of service (core dump) via a web page that begins with a "xFFxFE" byte sequence and a large number of CRLF sequences, as demonstrated using freeze.htm.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDkde/konqueror3.0.3

🔴Vulnerability Details

2
GHSA
GHSA-j69p-2c37-f494: Konqueror in KDE 32022-04-29
CVEList
CVE-2003-1478: Konqueror in KDE 32007-10-24

💥Exploits & PoCs

1
Exploit-DB
KDE Konqueror 3.0.3 - Malformed HTML Page Denial of Service2003-05-02
CVE-2003-1478 (MEDIUM CVSS 4.3) | Konqueror in KDE 3.0.3 allows remot | cvebase.io