Improper input validation in Kde Konqueror

CVE-2008-5712

The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.038 (88.6th percentile) — read the EPSS interpretation.

Affected products

Kde Konqueror — versions 3.5.9
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (x_refsource_SREASON, third-party-advisory)