CVE-2012-4513
Konqueror 4.7.3 - Memory Corruption
Severity Score
6.4
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
khtml/imload/scaledimageplane.h en Konqueror en KDE v4.7.3, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente leer la memoria a través de grandes dimensiones del lienzo, lo que conduce a una extensión de signo inesperado y una sobre lectura de búfer basado en memoria dinámica.
Konqueror version 4.7.3 suffers from a number of memory corruption vulnerabilities.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-08-21 CVE Reserved
- 2012-10-30 CVE Published
- 2012-11-01 First Exploit
- 2024-04-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (13)
URL | Tag | Source |
---|---|---|
http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html | Mailing List | |
http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53 | X_refsource_confirm | |
http://www.openwall.com/lists/oss-security/2012/10/11/11 | Mailing List | |
http://www.openwall.com/lists/oss-security/2012/10/30/6 | Mailing List | |
http://www.securitytracker.com/id?1027709 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/22406 | 2012-11-01 | |
http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc | 2024-08-06 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2012-1416.html | 2012-11-12 | |
http://rhn.redhat.com/errata/RHSA-2012-1418.html | 2012-11-12 | |
http://secunia.com/advisories/51097 | 2012-11-12 | |
http://secunia.com/advisories/51145 | 2012-11-12 | |
https://access.redhat.com/security/cve/CVE-2012-4513 | 2012-10-30 | |
https://bugzilla.redhat.com/show_bug.cgi?id=865741 | 2012-10-30 |