Vulnerabilities > CVE-2012-4514 - Unspecified vulnerability in KDE

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

kde

nessus

exploit available

NVD

Published: 2012-11-11

Updated: 2012-11-12

Summary

rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."

Vulnerable Configurations

Part	Description	Count
OS	Kde KDE KDE 1.0 KDE KDE 1.1 KDE KDE 1.1.1 KDE KDE 1.1.2 KDE KDE 1.2 KDE KDE 1.X KDE KDE 2.0 KDE KDE 2.0.1 KDE KDE 2.0_Beta KDE KDE 2.1 KDE KDE 2.1.1 KDE KDE 2.1.2 KDE KDE 2.1_Beta1 KDE KDE 2.1_Beta2 KDE KDE 2.2 KDE KDE 2.2.1 KDE KDE 2.2.2 KDE KDE 2.2_Beta1 KDE KDE 3.0 KDE KDE 3.0.1 KDE KDE 3.0.2 KDE KDE 3.0.3 KDE KDE 3.0.3A KDE KDE 3.0.4 KDE KDE 3.0.5 KDE KDE 3.0.5A KDE KDE 3.0.5B KDE KDE 3.0_Beta_1 KDE KDE 3.0_Beta_2 KDE KDE 3.1 KDE KDE 3.1.0 KDE KDE 3.1.1 KDE KDE 3.1.1A KDE KDE 3.1.2 KDE KDE 3.1.3 KDE KDE 3.1.4 KDE KDE 3.1.5 KDE KDE 3.1_Alpha1 KDE KDE 3.1_Beta1 KDE KDE 3.1_Beta2 KDE KDE 3.2 KDE KDE 3.2.0 KDE KDE 3.2.0_Beta1 KDE KDE 3.2.1 KDE KDE 3.2.2 KDE KDE 3.2.3 KDE KDE 3.2.X KDE KDE 3.3 KDE KDE 3.3.0 KDE KDE 3.3.1 KDE KDE 3.3.2 KDE KDE 3.3.X KDE KDE 3.4 KDE KDE 3.4.0 KDE KDE 3.4.1 KDE KDE 3.4.2 KDE KDE 3.4.3 KDE KDE 3.5 KDE KDE 3.5.0 KDE KDE 3.5.1 KDE KDE 3.5.2 KDE KDE 3.5.3 KDE KDE 3.5.4 KDE KDE 3.5.5 KDE KDE 3.5.6 KDE KDE 3.5.7 KDE KDE 3.5.8 KDE KDE 3.5.9 KDE KDE 3.5.10 KDE KDE 4.0.0 KDE KDE 4.0.1 KDE KDE 4.0.2 KDE KDE 4.0.3 KDE KDE 4.7.3 KDE KDE 4.9.0 KDE KDE 4.9.1 KDE KDE *	77

Exploit-Db

description	Konqueror 4.7.3 Memory Corruption. CVE-2012-4512,CVE-2012-4513,CVE-2012-4514,CVE-2012-4515. Dos exploit for linux platform
id	EDB-ID:22406
last seen	2016-02-02
modified	2012-11-01
published	2012-11-01
reporter	Tim Brown
source	https://www.exploit-db.com/download/22406/
title	Konqueror 4.7.3 Memory Corruption

Nessus

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2012-815.NASL
description	This update of kdelibs fixed various memory corruption vulnerabilities. On openSUSE 12.1 a akregator crash on closing tab was fixed.
last seen	2020-06-05
modified	2014-06-13
plugin id	74823
published	2014-06-13
reporter	This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/74823
title	openSUSE Security Update : kdelibs4 (openSUSE-SU-2012:1581-1)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2012-17388.NASL
description	- CVE-2012-4515 - Fix crash when trying to reuse a frame with a null part Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-17
modified	2012-11-19
plugin id	62951
published	2012-11-19
reporter	This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/62951
title	Fedora 16 : kdelibs-4.8.5-2.fc16 (2012-17388)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2012-17234.NASL
description	- CVE-2012-4515 - Fix crash when trying to reuse a frame with a null part - Cache solid device information in open/save dialog, improving overall performance of the dialog (and making the dialog usable again with slow devices because we don
last seen	2020-03-17
modified	2012-11-12
plugin id	62875
published	2012-11-12
reporter	This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/62875
title	Fedora 18 : kdelibs-4.9.2-11.fc18 (2012-17234)

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201406-31.NASL
description	The remote host is affected by the vulnerability described in GLSA-201406-31 (Konqueror: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Konqueror. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted web site using Konqueror, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	76288
published	2014-06-28
reporter	This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/76288
title	GLSA-201406-31 : Konqueror: Multiple vulnerabilities

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2012-17385.NASL
description	- CVE-2012-4515 - Fix crash when trying to reuse a frame with a null part Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-17
modified	2012-11-19
plugin id	62950
published	2012-11-19
reporter	This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/62950
title	Fedora 17 : kdelibs-4.9.2-11.fc17 (2012-17385)

Packetstorm

data source	https://packetstormsecurity.com/files/download/117774/NDSA20121010.txt
id	PACKETSTORM:117774
last seen	2016-12-05
published	2012-10-31
reporter	Tim Brown
source	https://packetstormsecurity.com/files/117774/Konqueror-4.7.3-Memory-Corruption.html
title	Konqueror 4.7.3 Memory Corruption

Seebug

bulletinFamily	exploit
description	No description provided by source.
id	SSV:76209
last seen	2017-11-19
modified	2014-07-01
published	2014-07-01
reporter	Root
source	https://www.seebug.org/vuldb/ssvid-76209
title	Konqueror 4.7.3 Memory Corruption

Summary

Vulnerable Configurations

Exploit-Db

Nessus

Packetstorm

Seebug

References