You are here

CVE-2012-4515

Vincent (CVE) Danen's picture
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.

Details Source

Mitre

Statement

Not vulnerable. This issue did not affect the versions of kdelibs as shipped with Red Hat Enterprise Linux 5 and 6.

Public Date

2012-10-30 00:00:00

Impact

Important

Bugzilla

CVE-2012-4515 kdelibs: Use-after-free when context menu being used whilst the document DOM is being changed from within JavaScript

Bugzilla ID

865 831

CVSS Status

draft

Base Score

5.10

Base Metrics

AV:N/AC:H/Au:N/C:P/I:P/A:P

CWE

CWE-416

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 kdelibs Not affected
Red Hat Enterprise Linux 5 kdelibs Not affected