Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-6000

CWE-399 | 9 documents | 5 sources
Severity: 5.0 MEDIUM
EPSS: 4.2% (top 11.23%)
CISA KEV: Not in KEV
Exploit: PoC available
Timeline
Published: Nov 15
Latest update: May 1

Description

KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service (crash) via large HTTP cookie parameters.

CVSS vector

AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9

Affected Packages (1 package)

NVD | kde/konqueror | 3.5.6

🔴Vulnerability Details

2
GHSA | GHSA-5gw9-4f37-rxx8: KDE Konqueror 3 | 2022-05-01
CVEList | CVE-2007-6000: KDE Konqueror 3 | 2007-11-15

💥Exploits & PoCs

4
Exploit-DB | Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow | 2008-07-06
Exploit-DB | KDE Konqueror 3.5.6 - Cookie Handling Denial of Service | 2007-11-14
Exploit-DB | Microsoft Windows XP/Vista - Animated Cursor '.ani' Remote Overflow | 2007-04-01
Exploit-DB | Microsoft Windows - Animated Cursor '.ani' Remote (eeye patch Bypass) | 2007-04-01

📋Vendor Advisories

2
Cisco | Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability | 2007-02-28
Cisco | Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability | 2007-02-28