kdelibs: multiple vulnerabilities

Package(s): kdelibs
CVE #(s): CVE-2009-1687 CVE-2009-1690 CVE-2009-1698
Created: June 25, 2009
Updated: January 25, 2011
Description: kdelibs has multiple vulnerabilities. From the Red Hat alert:

A flaw was found in the way the KDE CSS parser handled content for the CSS "style" attribute. A remote attacker could create a specially-crafted CSS equipped HTML page, which once visited by an unsuspecting user, could cause a denial of service (Konqueror crash) or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-1698)

A flaw was found in the way the KDE HTML parser handled content for the HTML "head" element. A remote attacker could create a specially-crafted HTML page, which once visited by an unsuspecting user, could cause a denial of service (Konqueror crash) or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-1690)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the KDE JavaScript garbage collector handled memory allocation requests. A remote attacker could create a specially-crafted HTML page, which once visited by an unsuspecting user, could cause a denial of service (Konqueror crash) or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-1687)

Alerts:
openSUSE openSUSE-SU-2011:0024-1 2011-01-12
SUSE SUSE-SR:2011:002 2011-01-25
openSUSE openSUSE-SU-2010:1034-1 2010-12-09
Debian DSA-1988-1 2010-02-02
Mandriva MDVSA-2010:027 2010-01-27
Mandriva MDVSA-2009:346 2009-12-29
Debian DSA-1950 2009-12-12
Mandriva MDVSA-2009:330 2009-12-10
Ubuntu USN-836-1 2009-09-23
Fedora FEDORA-2009-9391 2009-09-09
Fedora FEDORA-2009-9400 2009-09-09
Ubuntu USN-822-1 2009-08-24
Debian DSA-1868-1 2009-08-19
Debian DSA-1867-1 2009-08-19
Fedora FEDORA-2009-8020 2009-07-27
Fedora FEDORA-2009-8046 2009-07-27
Fedora FEDORA-2009-8049 2009-07-27
Fedora FEDORA-2009-8039 2009-07-27
CentOS CESA-2009:1127 2009-06-26
CentOS CESA-2009:1128 2009-06-25
Red Hat RHSA-2009:1128-01 2009-06-25
Red Hat RHSA-2009:1127-01 2009-06-25
Ubuntu USN-857-1 2009-11-10

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds