CVE-2006-6297
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
91.9%
Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kde | kdegraphics | 3.2 | cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:* |
| kde | kdegraphics | 3.4.3 | cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:* |
References
secunia.com/advisories/23203
secunia.com/advisories/23213
secunia.com/advisories/23300
secunia.com/advisories/23728
security.gentoo.org/glsa/glsa-200701-05.xml
securitytracker.com/id?1017325
www.kde.org/info/security/advisory-20061129-1.txt
www.mandriva.com/security/advisories?name=MDKSA-2006:227
www.novell.com/linux/security/advisories/2006_73_mono.html
www.securityfocus.com/bid/21384
www.vupen.com/english/advisories/2006/4810
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
91.9%