Bug#451794: CVE-2007-6000 konqueror allows konqueror to eat alot of memory by a large cookie

To: Nico Golde <nion@debian.org>, 451794@bugs.debian.org
Subject: Bug#451794: CVE-2007-6000 konqueror allows konqueror to eat alot of memory by a large cookie
From: Ana Guerrero <ana@debian.org>
Date: Tue, 24 Jun 2008 18:25:14 +0200
Message-id: <[🔎] 20080624162514.GA11979@ana.debian.net>
Reply-to: Ana Guerrero <ana@debian.org>, 451794@bugs.debian.org
In-reply-to: <20071118165210.GA28772@ngolde.de>
References: <20071118165210.GA28772@ngolde.de>

Hi Nico,

On Sun, Nov 18, 2007 at 05:52:10PM +0100, Nico Golde wrote:
> Package: konqueror
> Severity: important
> 
> Hi,
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for konqueror.
> 
> CVE-2007-6000[0]:
> | KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a
> | denial of service (crash) via large HTTP cookie parameters.
> 
> If you fix this vulnerability please also include the CVE id
> in your changelog entry.
> 
> At the moment we didn't rate this bug as a security concern, 
> please check back with upstream.
> 
> For further information:
> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6000

The real bug here is in Qt3, that is not being fixed anymore by upstream 
(working now in Qt4).
The bug is not considered a serious security concern and it surely won't 
be fixed.

Ana

Reply to:

Follow-Ups:
- Bug#451794: CVE-2007-6000 konqueror allows konqueror to eat alot of memory by a large cookie
  - From: Nico Golde <nion@debian.org>

Prev by Date: Bug#478274: What about fixing this bug?
Next by Date: Processed: tagging 422437
Previous by thread: Processed: reassign 451794 to qt-x11-free
Next by thread: Bug#451794: CVE-2007-6000 konqueror allows konqueror to eat alot of memory by a large cookie
Index(es):
- Date
- Thread