CVE-2012-4512

Exploit

EPSS 9.04%
Published 08.02.2020 19:15:10
Last modified 21.11.2024 01:43:02
Source secalert@redhat.com
Teams watchlist Login
Open Login

The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."

Affected products Warnungen 0 Metrics 3 CWE 1 References 14

Data is provided by the National Vulnerability Database (NVD)

Kde ≫ Kde Version4.7.3

Redhat ≫ Enterprise Linux Version6.0

Redhat ≫ Enterprise Linux Desktop Version6.0

Redhat ≫ Enterprise Linux Server Eus Version6.3

Redhat ≫ Enterprise Linux Workstation Version6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	9.04%	0.918

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html

Third Party Advisory

Broken Link

http://rhn.redhat.com/errata/RHSA-2012-1416.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2012-1418.html

Third Party Advisory

http://secunia.com/advisories/51097

Third Party Advisory

Not Applicable

http://secunia.com/advisories/51145

Third Party Advisory