CVE-2007-4229

KDE Konqueror < 3.5.7 - Denial of Service via Malformed HTML

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4229. PoCs published by Thomas Waldegger.

AI-analyzed exploit summary This exploit leverages malformed HTML tags to trigger a denial-of-service condition in KDE Konqueror. The improperly nested and closed tags cause the browser to crash when rendering the page.

Description

Unspecified vulnerability in KDE Konqueror 3.5.7 and earlier allows remote attackers to cause a denial of service (failed assertion and application crash) via certain malformed HTML, as demonstrated by a document containing TEXTAREA, BUTTON, BR, BDO, PRE, FRAMESET, and A tags. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Thomas Waldegger · textdoslinux
https://www.exploit-db.com/exploits/30444

This exploit leverages malformed HTML tags to trigger a denial-of-service condition in KDE Konqueror. The improperly nested and closed tags cause the browser to crash when rendering the page.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: KDE Konqueror 3.5.7 and prior
No auth needed
Prerequisites: Victim must visit a malicious webpage using Konqueror
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25170
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/42552
Third Party Advisory, VDB Entry x_refsource_misc
http://downloads.securityfocus.com/vulnerabilities/exploits/25170.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/475266/100/0/threaded

Scores

EPSS 0.0218
EPSS Percentile 80.0%

Details

Status published
Products (1)
kde/konqueror < 3.5.7
Published Aug 08, 2007
Tracked Since Feb 18, 2026