fkie_cve-2006-3672
Vulnerability from fkie_nvd
Published
2006-07-18 15:47
Modified
2024-11-21 00:14
Severity ?
Summary
KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument.
References
cve@mitre.orghttp://browserfun.blogspot.com/2006/07/mobb-14-konqueror-replacechild.htmlExploit
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:130
cve@mitre.orghttp://www.osvdb.org/27058Exploit
cve@mitre.orghttp://www.securityfocus.com/bid/18978Exploit
cve@mitre.orghttp://www.ubuntu.com/usn/usn-322-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/2812
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27744
af854a3a-2127-422b-91ae-364da2661108http://browserfun.blogspot.com/2006/07/mobb-14-konqueror-replacechild.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:130
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/27058Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18978Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-322-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2812
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27744
Impacted products
Vendor Product Version
kde konqueror *
kde konqueror 2.1.1
kde konqueror 2.1.2
kde konqueror 2.2.1
kde konqueror 2.2.2
kde konqueror 3.0
kde konqueror 3.0.1
kde konqueror 3.0.2
kde konqueror 3.0.3
kde konqueror 3.0.5
kde konqueror 3.0.5b
kde konqueror 3.1
kde konqueror 3.1.1
kde konqueror 3.1.2
kde konqueror 3.1.3
kde konqueror 3.1.4
kde konqueror 3.1.5
kde konqueror 3.2.1
kde konqueror 3.2.2
kde konqueror 3.2.2.6
kde konqueror 3.2.3
kde konqueror 3.3
kde konqueror 3.3.1
kde konqueror 3.3.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kde:konqueror:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E4D28B-032C-47CF-A917-B7B716FC8342",
              "versionEndIncluding": "3.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "417F34FB-A6B0-4090-BDC9-6D4C1BF0D3D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "61416A22-7309-4890-80B8-6E7C09C7BE8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F918814C-F129-4534-921A-38AF678A7016",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D435E39F-4F70-481B-9225-B072B79BEB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AD68BAB-8945-4A22-938E-12C01D0111D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B3220BF-B0AF-4C90-89BD-B425EE58021D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA53FB7A-AF7F-45B2-AF23-11B1FC4EC289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "619EB7F6-8694-4344-A4C9-A35DA58391AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FED2DFC-592C-4FD3-B0B7-C670C78F56DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.0.5b:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC65385-B190-44BE-9AF8-B14F48303046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F7BAE27-7AB1-4DBD-98AD-6109F0D9A458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF8A54F6-96A9-44B8-97C8-50DA7276708D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1001754B-8EDB-41A2-9D5D-6E2A2B556DD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D57D87-3E6A-4A73-85BA-EE679E9DA8D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "60BE888B-FE26-4378-B853-29995A55920C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E4FC9B-F47C-4BD5-B2C7-23CBAD2D5488",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0172B167-5780-4F80-ACC9-2FB8B60D6717",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AA19A3-CB04-4267-A8D3-49BEC5892CD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24B7C8D-FD99-429B-86C2-D508A0D6FBC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0DB31D-D075-409C-9ED9-A9E1D96332CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E9FBD50-02B9-459D-8600-57897E195A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED38ED0A-3213-4F0C-A76D-DC88B8E5CFBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:konqueror:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0102A8-7149-425C-9956-FB3640BFFA85",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument."
    },
    {
      "lang": "es",
      "value": "KDE Konqueror 3.5.1 y anteriores permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida de aplicaci\u00f3n) a trav\u00e9s de la llamada al m\u00e9todo replaceChild sobre un objeto DOM, el cual dispara una referencia NULL, somo se demostr\u00f3 con la llamada a document.replaceChild con un argumento 0 (zero)."
    }
  ],
  "id": "CVE-2006-3672",
  "lastModified": "2024-11-21T00:14:09.143",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-07-18T15:47:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://browserfun.blogspot.com/2006/07/mobb-14-konqueror-replacechild.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:130"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.osvdb.org/27058"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/18978"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-322-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/2812"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://browserfun.blogspot.com/2006/07/mobb-14-konqueror-replacechild.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:130"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.osvdb.org/27058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/18978"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-322-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27744"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "We do not consider a crash of a client application such as Konqueror to be a security issue.",
      "lastModified": "2006-08-30T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.