CVE-2012-4513

Konqueror <4.7.3 - DoS

Title source: llm

Description

khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.

Exploits (1)

exploitdb WRITEUP

doslinux

https://www.exploit-db.com/exploits/22406

View Code ZIP pw:eip

References (10)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html

[Various Sources] http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-1416.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-1418.html

[Vendor Advisory] http://secunia.com/advisories/51097

[Vendor Advisory] http://secunia.com/advisories/51145

[Exploit] http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1027709

[Mailing List] http://www.openwall.com/lists/oss-security/2012/10/11/11

[Mailing List] http://www.openwall.com/lists/oss-security/2012/10/30/6

Scores

EPSS 0.1512

EPSS Percentile 94.6%

Details

CWE

CWE-119

Status published

Products (1)

kde/kde 4.7.3

Published Nov 11, 2012

Tracked Since Feb 18, 2026