CVE-2009-2537

KDE Konqueror - Denial of Service via Large Select Object Length Property

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2537. PoCs published by Thierry Zoller.

AI-analyzed exploit summary This is a detailed technical analysis of CVE-2009-2542, a DoS vulnerability affecting multiple browsers and devices due to improper handling of the select() method with a large integer, leading to memory exhaustion. The writeup includes root cause analysis, affected products, patch status, and a proof-of-concept.

Description

KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Thierry Zoller · textdosmultiple
https://www.exploit-db.com/exploits/9160

This is a detailed technical analysis of CVE-2009-2542, a DoS vulnerability affecting multiple browsers and devices due to improper handling of the select() method with a large integer, leading to memory exhaustion. The writeup includes root cause analysis, affected products, patch status, and a proof-of-concept.

Classification
Writeup 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Multiple browsers (IE5-8, Firefox, Chrome, Opera, Safari, etc.) and devices (iPhone, PS3, Wii, etc.)
No auth needed
Prerequisites: Browser or device with JavaScript support
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (14)

Core 14
Core References
Vendor Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2009:330
Vendor Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504988/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/36062
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/36057
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/505006/100/0/threaded
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/9160
Vendor Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504969/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/52871
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504989/100/0/threaded
Vendor Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html

Scores

EPSS 0.0319
EPSS Percentile 86.4%

Details

CWE
CWE-399
Status published
Products (1)
kde/konqueror
Published Jul 20, 2009
Tracked Since Feb 18, 2026