Vigil@nce - Konqueror: four vulnerabilities
November 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can create a malicious web page, in order to generate
several errors in Konqueror, leading to a denial of service, to
memory reading, or possibly to code execution.
– Impacted products: RHEL, Unix (platform)
– Severity: 2/4
– Creation date: 31/10/2012
DESCRIPTION OF THE VULNERABILITY
Four vulnerabilities were announced in the Konqueror web browser.
An attacker can use a CSS style using the function local() or
format(), in order to read a memory fragment. [severity:1/4;
CVE-2012-4512]
An attacker can use the HTML CANVAS element, in order to read a
memory fragment, or to stop the browser. [severity:1/4;
CVE-2012-4513]
An attacker can use an IFRAME, in order to dereference a NULL
pointer, which stops the browser. [severity:1/4; CVE-2012-4514]
An attacker can modify a currently used IFRAME, in order to use a
freed pointer, which stops the browser, and may lead to code
execution. [severity:2/4; CVE-2012-4515]
An attacker can therefore create a malicious web page, in order to
generate several errors in Konqueror, leading to a denial of
service, to memory reading, or possibly to code execution.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Konqueror-four-vulnerabilities-12102