SB2012111106 - Multiple vulnerabilities in KDE
Published: November 11, 2012 Updated: August 11, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2012-4513)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3. A remote attacker can perform a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
2) Resource management error (CVE-ID: CVE-2012-4515)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html
- http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53
- http://rhn.redhat.com/errata/RHSA-2012-1416.html
- http://rhn.redhat.com/errata/RHSA-2012-1418.html
- http://secunia.com/advisories/51097
- http://secunia.com/advisories/51145
- http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc
- http://www.openwall.com/lists/oss-security/2012/10/11/11
- http://www.openwall.com/lists/oss-security/2012/10/30/6
- http://www.securitytracker.com/id?1027709
- http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8