Oval Definition:oval:org.mitre.oval:def:27156
Revision Date:2014-12-08
Version:10
Title:RHSA-2012:1416 -- kdelibs security update (Critical)
Description:The kdelibs packages provide libraries for the K Desktop Environment (KDE). Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS (Cascading Style Sheets) parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs (such as Konqueror) to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-4512) A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory. (CVE-2012-4513) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
Family:unix
Class:patch
Status:ACCEPTED
Reference(s):CESA-2012:1416
CVE-2012-4512
CVE-2012-4513
RHSA-2012:1416
Platform(s):CentOS Linux 6
Red Hat Enterprise Linux 6
Product(s):kdelibs
Definition Synopsis
  • Red Hat Enterprise Linux 6 and CentOS Linux 6 release section
  • Operating system section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages match section
  • kdelibs is earlier than 0:4.3.4-14.el6_3.2
  • OR kdelibs-apidocs is earlier than 0:4.3.4-14.el6_3.2
  • OR kdelibs-common is earlier than 0:4.3.4-14.el6_3.2
  • OR kdelibs-devel is earlier than 0:4.3.4-14.el6_3.2
  • Red Hat Enterprise Linux 6 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND kdelibs-debuginfo is earlier than 0:4.3.4-14.el6_3.2