What is the severity of CVE-2006-6297?

CVE-2006-6297 has been classified as a denial of service vulnerability due to stack consumption.

How do I fix CVE-2006-6297?

To fix CVE-2006-6297, update to a patched version of KDE Graphics that addresses this vulnerability.

Which versions of KDE Graphics are affected by CVE-2006-6297?

Versions 3.2 and 3.4.3 of KDE Graphics are affected by CVE-2006-6297.

What applications use the vulnerable KFILE JPEG plugin related to CVE-2006-6297?

Applications like Konqueror and Digikam utilize the vulnerable KFILE JPEG plugin affected by CVE-2006-6297.

What type of attack is possible using CVE-2006-6297?

CVE-2006-6297 allows remote attackers to craft a malicious JPEG file that causes a denial of service through infinite recursion.

Vulnerability/
CVE-2006-6297

medium

CWE

399

5/12/2006

7/8/2024

CVE-2006-6297

First published: Tue Dec 05 2006(Updated: )

Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
KDE Graphics	=3.4.3
KDE Graphics	=3.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-6297?
CVE-2006-6297 has been classified as a denial of service vulnerability due to stack consumption.
How do I fix CVE-2006-6297?
To fix CVE-2006-6297, update to a patched version of KDE Graphics that addresses this vulnerability.
Which versions of KDE Graphics are affected by CVE-2006-6297?
Versions 3.2 and 3.4.3 of KDE Graphics are affected by CVE-2006-6297.
What applications use the vulnerable KFILE JPEG plugin related to CVE-2006-6297?
Applications like Konqueror and Digikam utilize the vulnerable KFILE JPEG plugin affected by CVE-2006-6297.
What type of attack is possible using CVE-2006-6297?
CVE-2006-6297 allows remote attackers to craft a malicious JPEG file that causes a denial of service through infinite recursion.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/severity
agent/author
agent/last-modified-date
agent/event
agent/first-publish-date
agent/description
agent/source
agent/tags
collector/nvd-historical
vendor/kde
product/kdegraphics
canonical/kde kdegraphics
agent/software-canonical-lookup-request
collector/nvd-index
canonical/kde graphics
version/kde graphics/3.4.3
version/kde graphics/3.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.