Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 6.4
CVE Id: CVE-2012-4513
Last Modified: 12 Nov 2012 03:57:52
Published: 11 Nov 2012 08:00:51
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2012-4513

Summary

khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.

Vulnerable Systems

Operating System

  • KDE 4.7.3


References

SECTRACK - 1027709

MLIST - [oss-security] 20121030 Medium risk security flaws in Konqueror

MLIST - [oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)

MISC - http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc

SECUNIA - 51145

SECUNIA - 51097

REDHAT - RHSA-2012:1418

REDHAT - RHSA-2012:1416

CONFIRM - http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53

BUGTRAQ - 20121030 Medium risk security flaws in Konqueror


Last Updated: 27 May 2016 10:56:40