VDB
CVE-2007-1308
CVE-2007-1308
PUBLISHED
Reported by mitre · Published March 7, 2007
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, *, n/a |
Exploit Intelligence
- http://bindshell.net/advisories/konq355 (vulncheck-nvd)
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052793.html (vulncheck-nvd)
- http://www.securityfocus.com/bid/22814 (vulncheck-nvd)
Timeline
- Mar 7, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 22814 vdb-entryx_refsource_BID
- RHSA-2007:0909 vendor-advisoryx_refsource_REDHAT
- 20070304 Konqueror DoS Via JavaScript Read Of FTP Iframe mailing-listx_refsource_BUGTRAQ
- 20070304 Konqueror DoS Via JavaScript Read Of FTP Iframe mailing-listx_refsource_FULLDISC
- ADV-2007-0886 vdb-entryx_refsource_VUPEN
- x_refsource_MISC
- USN-447-1 vendor-advisoryx_refsource_UBUNTU
- MDKSA-2007:054 vendor-advisoryx_refsource_MANDRIVA
- 27108 third-party-advisoryx_refsource_SECUNIA
- x_refsource_MISC
- oval:org.mitre.oval:def:10551 vdb-entrysignaturex_refsource_OVAL
- 2345 third-party-advisoryx_refsource_SREASON
- konqueror-ftp-dos(32798) vdb-entryx_refsource_XF