Vulnerabilities > CVE-2008-5698 - Resource Management Errors vulnerability in KDE Konqueror

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
kde
CWE-399
exploit available

Summary

HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information.

Vulnerable Configurations

Part Description Count
OS
Kde
2
Application
Kde
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionKonqueror 3.5.9 (load) Remote Crash Vulnerability. CVE-2008-5698. Dos exploit for linux platform
fileexploits/linux/dos/6718.html
idEDB-ID:6718
last seen2016-02-01
modified2008-10-10
platformlinux
port
published2008-10-10
reporterJeremy Brown
sourcehttps://www.exploit-db.com/download/6718/
titleKonqueror 3.5.9 load Remote Crash Vulnerability
typedos

Statements

contributorJoshua Bressers
lastmodified2009-01-19
organizationRed Hat
statementRed Hat does not consider a crash of a client application such as Konqueror to be a security issue.