CVE-2012-4512
Konqueror 4.7.3 - Memory Corruption
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
El analizador CSS (archivo khtml/css/cssparser.cpp) en Konqueror en KDE versión 4.7.3, permite a atacantes remotos causar una denegación de servicio (bloqueo) y posiblemente leer la memoria por medio de una fuente font face diseñada, relacionada con "type confusion."
A heap-based buffer overflow flaw was found in the way the CSS parser of the Document Object Model's (DOM) implementation of KDE libraries performed processing of a location of a particular font face source. A remote attacker with privileges could provide a specially-crafted web page that, when opened in an application linked against KDE libraries, would lead to the application crashing or potential execution of arbitrary code.
Multiple vulnerabilities have been found in Konqueror, the worst of which may allow execution of arbitrary code. Versions less than 4.9.3-r1 are affected.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-08-21 CVE Reserved
- 2012-11-01 First Exploit
- 2014-06-27 CVE Published
- 2024-08-06 CVE Updated
- 2025-02-01 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | Broken Link | |
| http://rhn.redhat.com/errata/RHSA-2012-1416.html | Third Party Advisory | |
| http://rhn.redhat.com/errata/RHSA-2012-1418.html | Third Party Advisory | |
| http://secunia.com/advisories/51097 | Not Applicable | |
| http://secunia.com/advisories/51145 | Not Applicable | |
| http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | Third Party Advisory | |
| http://www.openwall.com/lists/oss-security/2012/10/11/11 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2012/10/30/6 | Mailing List |
|
| http://www.securitytracker.com/id?1027709 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/22406 | 2012-11-01 | |
| http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html | 2024-08-06 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 4.7.3 Search vendor "Kde" for product "Kde" and version "4.7.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus" | 6.3 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "6.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "6.0" | - |
Affected
| ||||||