Denial of Service : KDE Konqueror Select Object Denial of Service Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.900903

Categoría: Denial of Service

Título: KDE Konqueror Select Object Denial of Service Vulnerability

Resumen: KDE Konqueror is prone to a denial of service (DoS) vulnerability.

Descripción: Summary:
KDE Konqueror is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
The flaw occurs due to an error while processing Select object whose length
property contains a large integer value.

Vulnerability Impact:
Successful exploitation will lead to memory consumption and can result in
a browser crash.

Affected Software/OS:
KDE Konqueror version 4.2.4 and prior.

Solution:
No known solution was made available for at least one year since the disclosure
of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release,
disable respective features, remove the product or replace the product by another one.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-2537
Bugtraq: 20090715 Re: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search)
http://www.securityfocus.com/archive/1/504989/100/0/threaded
Bugtraq: 20090715 Re:[GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search)
http://www.securityfocus.com/archive/1/504988/100/0/threaded
Bugtraq: 20090715 [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search)
http://www.securityfocus.com/archive/1/504969/100/0/threaded
Bugtraq: 20090716 Re[2]: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search)
http://www.securityfocus.com/archive/1/505006/100/0/threaded
http://www.exploit-db.com/exploits/9160
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:330
http://www.g-sec.lu/one-bug-to-rule-them-all.html
http://secunia.com/advisories/36057
http://secunia.com/advisories/36062
XForce ISS Database: konqueror-integer-value-dos(52871)
https://exchange.xforce.ibmcloud.com/vulnerabilities/52871

Copyright Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.900903
Categoría:	Denial of Service
Título:	KDE Konqueror Select Object Denial of Service Vulnerability
Resumen:	KDE Konqueror is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: KDE Konqueror is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw occurs due to an error while processing Select object whose length property contains a large integer value. Vulnerability Impact: Successful exploitation will lead to memory consumption and can result in a browser crash. Affected Software/OS: KDE Konqueror version 4.2.4 and prior. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2537 Bugtraq: 20090715 Re: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search) http://www.securityfocus.com/archive/1/504989/100/0/threaded Bugtraq: 20090715 Re:[GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search) http://www.securityfocus.com/archive/1/504988/100/0/threaded Bugtraq: 20090715 [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search) http://www.securityfocus.com/archive/1/504969/100/0/threaded Bugtraq: 20090716 Re[2]: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search) http://www.securityfocus.com/archive/1/505006/100/0/threaded http://www.exploit-db.com/exploits/9160 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:330 http://www.g-sec.lu/one-bug-to-rule-them-all.html http://secunia.com/advisories/36057 http://secunia.com/advisories/36062 XForce ISS Database: konqueror-integer-value-dos(52871) https://exchange.xforce.ibmcloud.com/vulnerabilities/52871
Copyright	Copyright (C) 2009 Greenbone AG