CVE-2012-4512 - The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause

CVE-2012-4512

Summary

The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."

References

Vulnerable Configurations

cpe:2.3:a:kde:kde:4.7.3:*:*:*:*:*:*:*
cpe:2.3:a:kde:kde:4.7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 13-02-2023 - 00:26)
Impact:
Exploitability:

CWE

CWE-843

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

redhat via4

rpms

kdelibs-6:4.3.4-14.el6_3.2
kdelibs-apidocs-6:4.3.4-14.el6_3.2
kdelibs-common-6:4.3.4-14.el6_3.2
kdelibs-debuginfo-6:4.3.4-14.el6_3.2
kdelibs-devel-6:4.3.4-14.el6_3.2

refmap via4

Last major update

13-02-2023 - 00:26

Published

08-02-2020 - 19:15

Last modified

13-02-2023 - 00:26