CVE-2006-7139
Published: 2007-03-07
Priority: P4 · 12 · low · CVSS 2.0 score 2.6
Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 3.03% (85.8th percentile)
Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kde | k-mail | — | — |
CVSS provenance
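| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 2.6 | LOW | AV:N/AC:H/Au:N/C:N/I:N/A:P |
| vendor_redhat | — | 2.6 | LOW | — |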
Red Hat
CVE-2006-7139: Kmail 1
vendor_redhat·CVSS 2.6
CVE-2006-7139 [LOW] CVE-2006-7139: Kmail 1
Statement: Not vulnerable. Our testing found that this issue did not affect the versions of Kmail as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.
GHSA
GHSA-77x8-c69r-6pp3: Kmail 1
ghsa_unreviewed·2022-05-01
CVE-2006-7139 [LOW] CWE-20 GHSA-77x8-c69r-6pp3: Kmail 1
No detection rules found.
No writeups or analysis indexed.
References
http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0293.html
http://secunia.com/advisories/24889
http://securityreason.com/securityalert/2347
http://www.novell.com/linux/security/advisories/2007_6_sr.html
http://www.securityfocus.com/archive/1/448766/100/0/threaded
http://www.securityfocus.com/archive/1/448768/100/0/threaded
http://www.securityfocus.com/bid/20539
https://exchange.xforce.ibmcloud.com/vulnerabilities/29557
Published: 2007-03-07