Vulnerability Description
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or (4) TR element. NOTE: the FONT vector is already covered by CVE-2008-4514.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kde | Konqueror | 3.5.9 |
Related Weaknesses (CWE)
References
- http://securityreason.com/securityalert/4806
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47696
- https://www.exploit-db.com/exploits/6704
- http://securityreason.com/securityalert/4806
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47696
- https://www.exploit-db.com/exploits/6704
FAQ
What is CVE-2008-5712?
CVE-2008-5712 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLO...
How severe is CVE-2008-5712?
CVE-2008-5712 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5712?
Check the references section above for vendor advisories and patch information. Affected products include: Kde Konqueror.