CVE-2006-3672

KDE Konqueror < 3.5.1 - Denial of Service via replaceChild DOM Method

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-3672. PoCs published by hdm.

AI-analyzed exploit summary The provided code is a minimal JavaScript snippet that triggers a denial-of-service (DoS) in KDE Konqueror by calling document.replaceChild(0). This exploit relies on user interaction to visit a malicious website.

Description

KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument.

Exploits (1)

exploitdb STUB VERIFIED

by hdm · textdoslinux

https://www.exploit-db.com/exploits/28220

View Code ZIP pw:eip

The provided code is a minimal JavaScript snippet that triggers a denial-of-service (DoS) in KDE Konqueror by calling document.replaceChild(0). This exploit relies on user interaction to visit a malicious website.

Classification

Stub 80%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: KDE Konqueror (version not specified)

No auth needed

Prerequisites: Victim must visit a malicious website

MITRE ATT&CK