Bug 299891 (CVE-2007-1308)
| Summary: | CVE-2007-1308 kdelibs KDE JavaScript denial of service (crash) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | kseifried, than |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1308 | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-09-28 23:17:36 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Tomas Hoger
2007-09-21 09:34:37 UTC
Patch for this issue is included in KDE security advisory: http://www.kde.org/info/security/advisory-20070326-1.txt CVE name is *not* mentioned in KDE advisory, it only references CVE-2007-1564, also discovered and reported by mark. This issue only affects kdelibs as shipped in Red Hat Enterprise Linux 5. Older versions of kdelibs as shipped in Red Hat Enterprise Linux 2.1, 3 and 4 are not affected. This issue has been addressed in following products: Red Hat Linux Enterprise 4 Red Hat Linux Enterprise 4.5.z Red Hat Linux Enterprise 5 Via RHSA-2007:0909 available at https://rhn.redhat.com/errata/RHSA-2007-0909.html |