CVE-2006-7139

NameCVE-2006-7139
DescriptionKmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitylow (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
kdepim (PTS)jessie4:4.14.1-1+deb8u1vulnerable
stretch4:16.04.3-4~deb9u1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kdepimsource(unstable)(unfixed)unimportant

Notes

Annoying bug, but neglectable "security implications"

Search for package or bug name: Reporting problems