Vulnerability CVE-2012-4513

Vulnerability Name:

CVE-2012-4513 (CCN-79286)

Assigned:

2012-10-30

Published:

2012-10-30

Updated:

2012-11-12

Summary:

khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P)
4.5 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: BUGTRAQ
Type: UNKNOWN
20121030 Medium risk security flaws in Konqueror

Source: MITRE
Type: CNA
CVE-2012-4513

Source: CCN
Type: Packetstorm Security Website
Konqueror 4.7.3 Memory Corruption

Source: CONFIRM
Type: UNKNOWN
http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53

Source: REDHAT
Type: UNKNOWN
RHSA-2012:1416

Source: REDHAT
Type: UNKNOWN
RHSA-2012:1418

Source: CCN
Type: oss-security: Tim Brown | 10 Oct
Pre-advisory for Konqueror 4.7.3 (other versions may be affected)

Source: CCN
Type: SA51097
KDE kdelibs Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
51097

Source: SECUNIA
Type: Vendor Advisory
51145

Source: CCN
Type: Konqueror Web site
Konqueror - Konqueror - Web Browser, File Manager - and more!

Source: CCN
Type: NDSA20121010
The Konqueror web browser is vulnerable to a number of memory corruption vulnerabilities

Source: MISC
Type: Exploit
http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc

Source: MLIST
Type: UNKNOWN
[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)

Source: MLIST
Type: UNKNOWN
[oss-security] 20121030 Medium risk security flaws in Konqueror

Source: CCN
Type: BID-55879
KDE Konqueror Multiple Security Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1027709

Source: CCN
Type: Red Hat Bugzilla Bug 865741
CVE-2012-4513 kdelibs: Heap-based buffer over-read when calculating dimensions of the canvas within the scale loop

Source: XF
Type: UNKNOWN
konqueror-canvas-bo(79286)

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [11-01-2012]

Vulnerable Configuration:

Configuration 1:

cpe:/o:kde:kde:4.7.3:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20124513	V	CVE-2012-4513	2022-05-20
oval:org.opensuse.security:def:33760	P	Security update for mariadb (Moderate)	2021-12-30
oval:org.opensuse.security:def:32237	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:26180	P	Security update for php74 (Moderate)	2021-12-06
oval:org.opensuse.security:def:26179	P	Security update for gmp (Moderate)	2021-12-02
oval:org.opensuse.security:def:31713	P	Security update for clamav (Moderate)	2021-12-01
oval:org.opensuse.security:def:34594	P	Security update for postgresql12 (Important)	2021-11-22
oval:org.opensuse.security:def:34554	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:26136	P	Security update for gd (Moderate)	2021-09-23
oval:org.opensuse.security:def:29425	P	Security update for MozillaFirefox (Important)	2021-09-22
oval:org.opensuse.security:def:33703	P	Security update for python-PyYAML (Important)	2021-08-24
oval:org.opensuse.security:def:31639	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:55200	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:36427	P	kdelibs4-doc-4.3.5-0.14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42568	P	kdelibs4-4.3.5-0.14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36161	P	kdelibs4-4.3.5-0.14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:33916	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:31628	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:31627	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:26052	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:32081	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:55878	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP2) (Important)	2021-04-12
oval:org.opensuse.security:def:33092	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:33085	P	Security update for postgresql-jdbc (Moderate)	2021-02-25
oval:org.opensuse.security:def:33081	P	Security update for postgresql13 (Moderate)	2021-02-22
oval:org.opensuse.security:def:33080	P	Security update for java-1_8_0-openjdk (Moderate)	2021-02-19
oval:org.opensuse.security:def:26191	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:54755	P	Security update for python (Important)	2021-02-11
oval:org.opensuse.security:def:57154	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:29368	P	Security update for dovecot22 (Important)	2021-01-04
oval:org.opensuse.security:def:25977	P	Security update for openssl-1_1 (Important)	2020-12-10
oval:org.opensuse.security:def:25976	P	Security update for curl (Moderate)	2020-12-10
oval:org.opensuse.security:def:33872	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:26464	P	Security update for enigmail (Moderate)	2020-12-01
oval:org.opensuse.security:def:27746	P	Security update for flac	2020-12-01
oval:org.opensuse.security:def:27892	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:27319	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29663	P	Security update for cvs (Moderate)	2020-12-01
oval:org.opensuse.security:def:29823	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27191	P	libjasper on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55759	P	Security update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:57228	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:29082	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31994	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32342	P	Security update for spice (Important)	2020-12-01
oval:org.opensuse.security:def:54355	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31937	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:33306	P	yast2-core on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26340	P	Recommended update for openjpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:26486	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:33171	P	libpixman-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26553	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26708	P	glibc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25786	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26605	P	libtiff3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26897	P	freeradius-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27628	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:25988	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:27458	P	libldb-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27795	P	Security update for libksba	2020-12-01
oval:org.opensuse.security:def:28530	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:27401	P	flac-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29717	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:29867	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27115	P	elfutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29282	P	Security update for xorg-x11-libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:55485	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:55797	P	Security update for openssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:29151	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:32381	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:33124	P	kdelibs4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54377	P	rtkit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33458	P	Security update for iSCSI	2020-12-01
oval:org.opensuse.security:def:33809	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:33401	P	Security update for Salt (Moderate)	2020-12-01
oval:org.opensuse.security:def:26389	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:27124	P	findutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25995	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:26606	P	libvirt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26752	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25710	P	Security update for log4j (Important)	2020-12-01
oval:org.opensuse.security:def:25914	P	Security update for firebird (Moderate)	2020-12-01
oval:org.opensuse.security:def:26756	P	libnewt0_52 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26911	P	gstreamer-0_10-plugins-good on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27542	P	python-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27834	P	Security update for mono-core (Moderate)	2020-12-01
oval:org.opensuse.security:def:28565	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:29766	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:30505	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:27116	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55593	P	Security update for coreutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:29070	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:32403	P	Security update for vim (Moderate)	2020-12-01
oval:org.opensuse.security:def:54517	P	libXcursor1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33546	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:33848	P	Security update for hplip	2020-12-01
oval:org.opensuse.security:def:26428	P	Security update for redis (Moderate)	2020-12-01
oval:org.opensuse.security:def:27159	P	kdelibs4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26318	P	Security update for MozillaThunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:26655	P	xterm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27390	P	dhcp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25711	P	Security update for python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer (Moderate)	2020-12-01
oval:org.opensuse.security:def:26261	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:26809	P	puppet on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26955	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26383	P	Security update for Mozilla Thunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:27693	P	Security update for xorg-x11-libxcb	2020-12-01
oval:org.opensuse.security:def:27848	P	Security update for OpenSLP	2020-12-01
oval:org.opensuse.security:def:26255	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29510	P	Security update for ImageMagick (Low)	2020-12-01
oval:org.opensuse.security:def:29805	P	Security update for ipsec-tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:30542	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:27127	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55034	P	wpa_supplicant on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55685	P	Security update for libotr (Moderate)	2020-12-01
oval:org.opensuse.security:def:29071	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:54928	P	libsoup-2_4-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32293	P	Security update for postgresql94 (Important)	2020-12-01
oval:org.opensuse.security:def:32447	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:54354	P	perl-LWP-Protocol-https on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31845	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:26287	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:26442	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:26402	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:26694	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27425	P	kdelibs4-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25722	P	Security update for ovmf (Low)	2020-12-01
oval:org.opensuse.security:def:26521	P	amavisd-new on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26858	P	aaa_base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27593	P	Security update for python-azure-agent (Moderate)	2020-12-01
oval:org.mitre.oval:def:27310	P	ELSA-2012-1416 -- kdelibs security update (critical)	2014-12-15
oval:org.mitre.oval:def:27156	P	RHSA-2012:1416 -- kdelibs security update (Critical)	2014-12-08
oval:org.mitre.oval:def:25329	P	SUSE-SU-2013:1559-1 -- Security update for kdelibs4	2014-09-08
oval:org.mitre.oval:def:23067	P	ELSA-2012:1418: kdelibs security update (Critical)	2014-05-26
oval:org.mitre.oval:def:21385	P	RHSA-2012:1418: kdelibs security update (Critical)	2014-02-24
oval:org.opensuse.security:def:79862	P	Security update for kdelibs4	2013-10-01
oval:com.ubuntu.xenial:def:201245130000000	V	CVE-2012-4513 on Ubuntu 16.04 LTS (xenial) - low.	2012-11-11
oval:com.ubuntu.xenial:def:20124513000	V	CVE-2012-4513 on Ubuntu 16.04 LTS (xenial) - low.	2012-11-11
oval:com.ubuntu.precise:def:20124513000	V	CVE-2012-4513 on Ubuntu 12.04 LTS (precise) - low.	2012-11-11
oval:com.ubuntu.trusty:def:20124513000	V	CVE-2012-4513 on Ubuntu 14.04 LTS (trusty) - low.	2012-11-11
oval:com.redhat.rhsa:def:20121416	P	RHSA-2012:1416: kdelibs security update (Critical)	2012-10-30
oval:com.redhat.rhsa:def:20121418	P	RHSA-2012:1418: kdelibs security update (Critical)	2012-10-30

BACK