LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kdelibs: denial of service

Package(s):kdelibs CVE #(s):CVE-2009-1725 CVE-2009-2537
Created:July 28, 2009 Updated:January 25, 2011
Description: From the CVE entries:

WebKit in Apple Safari before 4.0.2 does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. (CVE-2009-1725)

KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. (CVE-2009-2537)

Alerts:
openSUSE openSUSE-SU-2011:0024-1 2011-01-12
SUSE SUSE-SR:2011:002 2011-01-25
openSUSE openSUSE-SU-2010:1036-1 2010-12-09
Debian DSA-1988-1 2010-02-02
Mandriva MDVSA-2010:027 2010-01-27
Mandriva MDVSA-2010:028 2010-01-27
Mandriva MDVSA-2009:346 2009-12-29
Debian DSA-1950 2009-12-12
Mandriva MDVSA-2009:330 2009-12-10
Ubuntu USN-836-1 2009-09-23
Fedora FEDORA-2009-9391 2009-09-09
Fedora FEDORA-2009-9400 2009-09-09
Fedora FEDORA-2009-8800 2009-08-20
Fedora FEDORA-2009-8802 2009-08-20
Fedora FEDORA-2009-8020 2009-07-27
Fedora FEDORA-2009-8046 2009-07-27
Fedora FEDORA-2009-8049 2009-07-27
Fedora FEDORA-2009-8039 2009-07-27
Ubuntu USN-857-1 2009-11-10
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds