KDE : Security Vulnerabilities, CVEs, Published In 2012 CVSS score >= 5
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.
Max CVSS
6.8
EPSS Score
3.50%
Published
2012-11-11
Updated
2012-11-12
rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."
Max CVSS
5.0
EPSS Score
2.49%
Published
2012-11-11
Updated
2012-11-12
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
Max CVSS
6.4
EPSS Score
7.39%
Published
2012-11-11
Updated
2012-11-12
Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase.
Max CVSS
7.5
EPSS Score
10.16%
Published
2012-08-20
Updated
2023-02-13
kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended side effects, via an arbitrary valid PAM service name, a different vulnerability than CVE-2011-4122. NOTE: the vendor indicates that the possibility of resultant privilege escalation may be "a bit far-fetched."
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-01-06
Updated
2017-08-29
5 vulnerabilities found