CVE-2012-4512

Published: Feb 8, 2020Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."

Affected (5)

Products: Kde: Kde · Redhat: Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server Eus, Enterprise Linux Workstation

1 product

4 products

Enterprise Linux

Enterprise Linux Desktop

Enterprise Linux Server Eus

Enterprise Linux Workstation

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kde Kde	Version 4.7.3

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 6.0
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Server Eus	Version 6.3
Redhat Enterprise Linux Workstation	Version 6.0

Related CWEs

Access of Resource Using Incompatible Type ('Type Confusion')

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

References (22)

http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html

Source: secalert@redhat.com

Broken LinkThird Party Advisory

http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html

Source: secalert@redhat.com

ExploitThird Party Advisory

http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352

Source: secalert@redhat.com

Broken LinkVendor Advisory

http://rhn.redhat.com/errata/RHSA-2012-1416.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2012-1418.html

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/51097

Source: secalert@redhat.com

Not ApplicableThird Party Advisory

http://secunia.com/advisories/51145

Source: secalert@redhat.com

Not ApplicableThird Party Advisory

http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc

Source: secalert@redhat.com

Third Party Advisory

http://www.openwall.com/lists/oss-security/2012/10/11/11

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2012/10/30/6

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.securitytracker.com/id?1027709

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party Advisory

http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkVendor Advisory

http://rhn.redhat.com/errata/RHSA-2012-1416.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2012-1418.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://secunia.com/advisories/51097

Source: af854a3a-2127-422b-91ae-364da2661108

Not ApplicableThird Party Advisory

http://secunia.com/advisories/51145

Source: af854a3a-2127-422b-91ae-364da2661108

Not ApplicableThird Party Advisory

http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.openwall.com/lists/oss-security/2012/10/11/11

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2012/10/30/6

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.securitytracker.com/id?1027709

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.