CVE-2008-4514

Konqueror - Improper Input Validation

Title source: rule

Description

The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error.

Exploits (2)

exploitdb WORKING POC

doslinux

https://www.exploit-db.com/exploits/6704

View on exploitdb

exploitdb WORKING POC VERIFIED

by Jeremy Brown · textdoslinux

https://www.exploit-db.com/exploits/6689

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/31605

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6689

[Third Party Advisory] http://securityreason.com/securityalert/4394

Scores

EPSS 0.0458

EPSS Percentile 89.0%

Classification

CWE

CWE-20

Status draft

Affected Products (1)

konqueror/konqueror

Timeline

Published Oct 09, 2008

Tracked Since Feb 18, 2026