Multiple vulnerabilities in KDE kdelibs

Posted: November 1, 2012 in Vulnerabilities

Vulnerability: Multiple vulnerabilities in KDE kdelibs

Danger: High
Availability of fixes: Remediation instructions
Number of vulnerabilities: 3

CVE ID: CVE-2012-4512, CVE-2012-4513, CVE-2012-4514, CVE-2012-4515

Impact: System Compromise
Affected products: KDE 4.x

Affected versions: KDE 4.C

Description:

The vulnerabilities can be exploited by malicious people to execute arbitrary code on the target system.

1. An error in khtml/css/cssparser.cpp in kdelibs when processing font sources in cascading style sheets (CSS). This can be exploited to cause a heap overflow and execute arbitrary code on the target system.

2. An error in khtml/imload/scaledimageplane.h in kdelibs when defining canvas extensions. This can be exploited to cause a heap overflow and execute arbitrary code on the target system.

3. A use-after-free error in khtml/rendering/render_replaced.cpp in kdelibs when showing the context menu for an iframe widget. A remote user can execute arbitrary code on the target system.

Vendor URL: www.kde.org

Solution: Install the update from the vendor's repository.

Links:
http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc
