CVE-2012-4513

khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.

Details Source

Mitre

Public Date

2012-10-30 00:00:00

Impact

Low

Bugzilla

CVE-2012-4513 kdelibs: Heap-based buffer over-read when calculating dimensions of the canvas within the scale loop

Bugzilla ID

865741

CVSS Status

verified

Base Score

5.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:N/A:P

Red Hat Security Errata

Platform                              Errata          Release Date
Red Hat Enterprise Linux 6 (kdelibs)  RHSA-2012:1416  2012-10-30
Red Hat Enterprise Linux 6 FasTrack   RHSA-2012:1418  2012-10-30

Affected Packages State

Platform                    Package  State
Red Hat Enterprise Linux 5  kdelibs  Not affected