CVE-2012-4515 – Konqueror 4.7.3 - Memory Corruption
https://notcve.org/view.php?id=CVE-2012-4515
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated. Vulnerabilidad de uso después de liberación en khtml/rendering/render_replaced.cpp en Konqueror en KDE v4.7.3, cuando el menú contextual se muestra, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario mediante el acceso a un iframe cuando se está actualizando. Konqueror version 4.7.3 suffers from a number of memory corruption vulnerabilities. • https://www.exploit-db.com/exploits/22406 http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8 http://secunia.com/advisories/51097 http://secunia.com/advisories/51145 http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc http://www.openwall.com/lists/oss-security/2012/10/11/11 http://www.openwall.com/lists/oss-security/2012/10/30/6 • CWE-399: Resource Management Errors •
CVE-2012-4514 – Konqueror 4.7.3 - Memory Corruption
https://notcve.org/view.php?id=CVE-2012-4514
rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part." rendering/render_replaced.cpp en Konqueror en KDE antes de v4.9.3 permite a atacantes remotos provocar una denegación de servicio (desreferencia puntero NULL) a través de una página web modificada, relacionado con "tratar de volver a utilizar un marco con una parte nula". Konqueror version 4.7.3 suffers from a number of memory corruption vulnerabilities. • https://www.exploit-db.com/exploits/22406 http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=65464349951e0df9b5d80c2eb3cc7458d54923ae http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc http://www.openwall.com/lists/oss-security/2012/10/11/11 http://www.openwall.com/lists/oss-security/2012/10/30/6 https://bugs.kde.org/show_bug.cgi?id=271528 •
CVE-2012-4513 – Konqueror 4.7.3 - Memory Corruption
https://notcve.org/view.php?id=CVE-2012-4513
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read. khtml/imload/scaledimageplane.h en Konqueror en KDE v4.7.3, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente leer la memoria a través de grandes dimensiones del lienzo, lo que conduce a una extensión de signo inesperado y una sobre lectura de búfer basado en memoria dinámica. Konqueror version 4.7.3 suffers from a number of memory corruption vulnerabilities. • https://www.exploit-db.com/exploits/22406 http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53 http://rhn.redhat.com/errata/RHSA-2012-1416.html http://rhn.redhat.com/errata/RHSA-2012-1418.html http://secunia.com/advisories/51097 http://secunia.com/advisories/51145 http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc http://www.openwall.com/lists/oss-security/2012/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-4512 – Konqueror 4.7.3 - Memory Corruption
https://notcve.org/view.php?id=CVE-2012-4512
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion." El analizador CSS (archivo khtml/css/cssparser.cpp) en Konqueror en KDE versión 4.7.3, permite a atacantes remotos causar una denegación de servicio (bloqueo) y posiblemente leer la memoria por medio de una fuente font face diseñada, relacionada con "type confusion." A heap-based buffer overflow flaw was found in the way the CSS parser of the Document Object Model's (DOM) implementation of KDE libraries performed processing of a location of a particular font face source. A remote attacker with privileges could provide a specially-crafted web page that, when opened in an application linked against KDE libraries, would lead to the application crashing or potential execution of arbitrary code. Konqueror version 4.7.3 suffers from a number of memory corruption vulnerabilities. • https://www.exploit-db.com/exploits/22406 http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352 http://rhn.redhat.com/errata/RHSA-2012-1416.html http://rhn.redhat.com/errata/RHSA-2012-1418.html http://secunia.com/advisories/51097 http://secunia.com/advisories/51145 http://www.nth-dimension.org.uk/pub/NDSA • CWE-122: Heap-based Buffer Overflow CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2011-2725 – Ark 2.16 Directory Traversal
https://notcve.org/view.php?id=CVE-2011-2725
Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file. Vulnerabilidad de salto de directorio en Ark 4.7.x y anteriores permite a atacantes remotos eliminar y forzar la visualización de archivos arbitrarios a través de secuencias .. (punto punto) en un archivo zip. Ark version 2.16 suffers from a directory traversal vulnerability when handling a malformed ZIP file. • http://lists.opensuse.org/opensuse-updates/2012-03/msg00002.html http://packetstormsecurity.com/files/105610/Ark-2.16-Directory-Traversal.html http://seclists.org/fulldisclosure/2011/Oct/351 http://www.ubuntu.com/usn/USN-1276-1 https://bugzilla.novell.com/show_bug.cgi?id=708268 https://bugzilla.redhat.com/show_bug.cgi?id=725764 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •