Lucene search

RedhatCVE-2012-4515

HistoryNov 11, 2012 - 1:00 p.m.

CVE-2012-4515

2012-11-1113:00:51

CWE-399

redhat

web.nvd.nist.gov

cve-2012-4515

vulnerability

konqueror

kde 4.7.3

denial of service

remote code execution

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.7

Confidence

High

EPSS

0.03

Percentile

90.9%

JSON

Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.

Affected configurations

Nvd

Node

kdekdeMatch4.7.3

VendorProductVersionCPE
kdekde4.7.3cpe:2.3:o:kde:kde:4.7.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kde	kde	4.7.3	cpe:2.3:o:kde:kde:4.7.3:::::::*

References

archives.neohapsis.com/archives/bugtraq/2012-11/0005.html

quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8

secunia.com/advisories/51097

secunia.com/advisories/51145

www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc

www.openwall.com/lists/oss-security/2012/10/11/11

www.openwall.com/lists/oss-security/2012/10/30/6

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.7

Confidence

High

EPSS

0.03

Percentile

90.9%

JSON

Related for CVE-2012-4515