SECURITYVULNS:DOC:13950
Aug 21, 2006

K-Meleon Concurrency-related Vulnerability

The newest version of the K-Meleon browser is affected by the vulnerability disclosed on Bugtraq recently.
When using the test link http://lcamtuf.coredump.cx/ffoxdie3.html
the browser crashed after a delay of some seconds. No user interaction was needed.

Affected versions:
The vulnerability has been confirmed in K-Meleon 1.0.1 on fully patched Windows 2000 SP4.

Solution status:
No updated versions available from the vendor at the time of reporting.

Vendor status:
K-Meleon developers were contacted on 18th August 2006.

Credit:
This vulnerability was reported earlier in Firefox 1.5.0.6 by Michal Zalewski.
Juha-Matti Laurio confirmed this vulnerability in K-Meleon.

Timeline:
18-Aug-2006 - Vulnerability confirmed in K-Meleon
18-Aug-2006 - Vendor was contacted
18-Aug-2006 - Security companies and several CERT units contacted

Best regards,
Juha-Matti Laurio
Networksecurity.fi
http://www.networksecurity.fi/