Bug#378962: konqueror: CVE-2006-3672: remote denial of service (crash)

To: Alec Berryman <alec@thened.net>, 378962@bugs.debian.org
Cc: team@security.debian.org
Subject: Bug#378962: konqueror: CVE-2006-3672: remote denial of service (crash)
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Wed, 26 Jul 2006 23:42:40 +0200
Message-id: <[🔎] 20060726214240.GA8674@galadriel.inutil.org>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 378962@bugs.debian.org
In-reply-to: <[🔎] 20060720025556.21787.42435.reportbug@barry.bowdoin.edu>
References: <[🔎] 20060720025556.21787.42435.reportbug@barry.bowdoin.edu>

Alec Berryman wrote:
> CVE-2006-3672: "KDE Konqueror 3.5.1 and earlier allows remote attackers
> to cause a denial of service (application crash) by calling the
> replaceChild method on a DOM object, which triggers a null dereference,
> as demonstrated by calling document.replaceChild with a 0 (zero)
> argument."
> 
> I have reproduced this with 4:3.5.3-2 using [1].  A backtrace is
> attached.
> 
> I have not yet confirmed if this issue affects sarge.

Thanks, this doesn't affect stable, at least not with the reproducer
above.

Cheers,
        Moritz

Reply to:

References:
- Bug#378962: konqueror: CVE-2006-3672: remote denial of service (crash)
  - From: Alec Berryman <alec@thened.net>

Prev by Date: Bug#379956: O: gtk-qt-engine -- theme engine using Qt for GTK+ 2.x
Next by Date: koffice-l10n_1.5.2-1_i386.changes ACCEPTED
Previous by thread: Bug#378962: konqueror: CVE-2006-3672: remote denial of service (crash)
Next by thread: Bug#378962: marked as done (konqueror: CVE-2006-3672: remote denial of service (crash))
Index(es):
- Date
- Thread