Vulnerabilities > CVE-2012-4512 - Type Confusion vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 4 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Konqueror 4.7.3 Memory Corruption. CVE-2012-4512,CVE-2012-4513,CVE-2012-4514,CVE-2012-4515. Dos exploit for linux platform |
| id | EDB-ID:22406 |
| last seen | 2016-02-02 |
| modified | 2012-11-01 |
| published | 2012-11-01 |
| reporter | Tim Brown |
| source | https://www.exploit-db.com/download/22406/ |
| title | Konqueror 4.7.3 Memory Corruption |
Nessus
NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-815.NASL description This update of kdelibs fixed various memory corruption vulnerabilities. On openSUSE 12.1 a akregator crash on closing tab was fixed. last seen 2020-06-05 modified 2014-06-13 plugin id 74823 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74823 title openSUSE Security Update : kdelibs4 (openSUSE-SU-2012:1581-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-1418.NASL description From Red Hat Security Advisory 2012:1418 : Updated kdelibs packages that fix two security issues are now available for Red Hat Enterprise Linux 6 FasTrack. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kdelibs packages provide libraries for the K Desktop Environment (KDE). Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS (Cascading Style Sheets) parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs (such as Konqueror) to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-4512) A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory. (CVE-2012-4513) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 68650 published 2013-07-12 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68650 title Oracle Linux 6 : kdelibs (ELSA-2012-1418) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-1418.NASL description Updated kdelibs packages that fix two security issues are now available for Red Hat Enterprise Linux 6 FasTrack. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kdelibs packages provide libraries for the K Desktop Environment (KDE). Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS (Cascading Style Sheets) parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs (such as Konqueror) to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-4512) A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory. (CVE-2012-4513) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 62772 published 2012-10-31 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/62772 title RHEL 6 : kdelibs (RHSA-2012:1418) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-1416.NASL description Updated kdelibs packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kdelibs packages provide libraries for the K Desktop Environment (KDE). Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS (Cascading Style Sheets) parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs (such as Konqueror) to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-4512) A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory. (CVE-2012-4513) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 62771 published 2012-10-31 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62771 title RHEL 6 : kdelibs (RHSA-2012:1416) NASL family Scientific Linux Local Security Checks NASL id SL_20121030_KDELIBS_ON_SL6_X.NASL description A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory. (CVE-2012-4513) The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-03-18 modified 2012-10-31 plugin id 62775 published 2012-10-31 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62775 title Scientific Linux Security Update : kdelibs on SL6.x i386/x86_64 (20121030) NASL family SuSE Local Security Checks NASL id SUSE_11_KDELIBS4-130930.NASL description This kdelibs4 update fixes several security issues related to khtml/konqueror. - Fix security issues and NULL pointer references in khtml/konqueror (bnc#787520) (CVE-2012-4512 / CVE-2012-4513 / CVE-2012-4515) last seen 2020-06-05 modified 2013-10-25 plugin id 70632 published 2013-10-25 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70632 title SuSE 11.2 / 11.3 Security Update : kdelibs4 (SAT Patch Numbers 8401 / 8402) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-1416.NASL description Updated kdelibs packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kdelibs packages provide libraries for the K Desktop Environment (KDE). Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS (Cascading Style Sheets) parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs (such as Konqueror) to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-4512) A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory. (CVE-2012-4513) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 67095 published 2013-06-29 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67095 title CentOS 6 : kdelibs (CESA-2012:1416) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201406-31.NASL description The remote host is affected by the vulnerability described in GLSA-201406-31 (Konqueror: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Konqueror. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted web site using Konqueror, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 76288 published 2014-06-28 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76288 title GLSA-201406-31 : Konqueror: Multiple vulnerabilities NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-1416.NASL description From Red Hat Security Advisory 2012:1416 : Updated kdelibs packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kdelibs packages provide libraries for the K Desktop Environment (KDE). Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS (Cascading Style Sheets) parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs (such as Konqueror) to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-4512) A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory. (CVE-2012-4513) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 68649 published 2013-07-12 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68649 title Oracle Linux 6 : kdelibs (ELSA-2012-1416) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-1418.NASL description Updated kdelibs packages that fix two security issues are now available for Red Hat Enterprise Linux 6 FasTrack. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kdelibs packages provide libraries for the K Desktop Environment (KDE). Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS (Cascading Style Sheets) parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs (such as Konqueror) to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-4512) A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory. (CVE-2012-4513) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 62764 published 2012-10-31 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62764 title CentOS 6 : kdelibs (CESA-2012:1418)
Packetstorm
| data source | https://packetstormsecurity.com/files/download/117774/NDSA20121010.txt |
| id | PACKETSTORM:117774 |
| last seen | 2016-12-05 |
| published | 2012-10-31 |
| reporter | Tim Brown |
| source | https://packetstormsecurity.com/files/117774/Konqueror-4.7.3-Memory-Corruption.html |
| title | Konqueror 4.7.3 Memory Corruption |
Redhat
| rpms |
|
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:76209 |
| last seen | 2017-11-19 |
| modified | 2014-07-01 |
| published | 2014-07-01 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-76209 |
| title | Konqueror 4.7.3 Memory Corruption |
References
- http://secunia.com/advisories/51097
- http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html
- http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352
- http://rhn.redhat.com/errata/RHSA-2012-1418.html
- http://www.openwall.com/lists/oss-security/2012/10/11/11
- http://www.securitytracker.com/id?1027709
- http://www.openwall.com/lists/oss-security/2012/10/30/6
- http://rhn.redhat.com/errata/RHSA-2012-1416.html
- http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc
- http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html
- http://secunia.com/advisories/51145