CVE-2012-4512
Konqueror 4.7.3 - Memory Corruption
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
El analizador CSS (archivo khtml/css/cssparser.cpp) en Konqueror en KDE versión 4.7.3, permite a atacantes remotos causar una denegación de servicio (bloqueo) y posiblemente leer la memoria por medio de una fuente font face diseñada, relacionada con "type confusion."
A heap-based buffer overflow flaw was found in the way the CSS parser of the Document Object Model's (DOM) implementation of KDE libraries performed processing of a location of a particular font face source. A remote attacker with privileges could provide a specially-crafted web page that, when opened in an application linked against KDE libraries, would lead to the application crashing or potential execution of arbitrary code.
Konqueror version 4.7.3 suffers from a number of memory corruption vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-08-21 CVE Reserved
- 2012-10-30 CVE Published
- 2012-11-01 First Exploit
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | Broken Link | |
| http://rhn.redhat.com/errata/RHSA-2012-1416.html | Third Party Advisory | |
| http://rhn.redhat.com/errata/RHSA-2012-1418.html | Third Party Advisory | |
| http://secunia.com/advisories/51097 | Not Applicable | |
| http://secunia.com/advisories/51145 | Not Applicable | |
| http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | Third Party Advisory | |
| http://www.openwall.com/lists/oss-security/2012/10/11/11 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2012/10/30/6 | Mailing List |
|
| http://www.securitytracker.com/id?1027709 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/22406 | 2012-11-01 | |
| http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html | 2024-08-06 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 4.7.3 Search vendor "Kde" for product "Kde" and version "4.7.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus" | 6.3 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "6.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "6.0" | - |
Affected
| ||||||