KDE : Security vulnerabilities, CVEs published in November 2012

Copy

CVE-2012-4515

Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.

Max CVSS

6.8

EPSS Score

3.50%

Published

2012-11-11

Updated

2012-11-12

CVE-2012-4514

rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."

Max CVSS

5.0

EPSS Score

2.49%

Published

2012-11-11

Updated

2012-11-12

CVE-2012-4513

khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.

Max CVSS

6.4

EPSS Score

7.39%

Published

2012-11-11

Updated

2012-11-12

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!