KDE Konqueror ReplaceChild方法拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1110607 漏洞类型 其他
发布时间 2006-07-14 更新时间 2006-09-06
CVE编号 CVE-2006-3672 CNNVD-ID CNNVD-200607-248
漏洞平台 Linux CVSS评分 2.6
|漏洞来源
https://www.exploit-db.com/exploits/28220
https://www.securityfocus.com/bid/18978
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200607-248
|漏洞详情
KDEKonqueror3.5.1及之前版本可以使远程攻击者通过在DOM对象上调用replaceChild方法,触发空指针解引用,从而引起拒绝服务(应用程序崩溃)。比如调用带0(零)自变量的document.replaceChild。
|漏洞EXP
source: http://www.securityfocus.com/bid/18978/info

KDE Konqueror is prone to a denial-of-service vulnerability.

This issue is triggered when an attacker convinces a victim user to visit a malicious website.

Remote attackers may exploit this issue to crash Konqueror, effectively denying service to legitimate users.

document.replaceChild(0);
|受影响的产品
Ubuntu Ubuntu Linux 5.10 sparc Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 5.0 4 powerpc Ubuntu Ubuntu
|参考资料

来源:XF
名称:konqueror-replacechild-dos(27744)
链接:http://xforce.iss.net/xforce/xfdb/27744
来源:BID
名称:18978
链接:http://www.securityfocus.com/bid/18978
来源:OSVDB
名称:27058
链接:http://www.osvdb.org/27058
来源:VUPEN
名称:ADV-2006-2812
链接:http://www.frsirt.com/english/advisories/2006/2812
来源:MISC
链接:http://browserfun.blogspot.com/2006/07/mobb-14-konqueror-replacechild.html
来源:UBUNTU
名称:USN-322-1
链接:http://www.ubuntu.com/usn/usn-322-1
来源:MANDRIVA
名称:MDKSA-2006:130
链接:http://www.mandriva.com/security/advisories?name=MDKSA-2006:130
来源:MANDRIVA
名称:MDKSA-2006:130
链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:130