CESA-2009:1128 -- centos 3 i386 kdelibsID: oval:org.secpod.oval:def:200310 | Date: (C)2012-01-31 (M)2023-12-07 |
Class: PATCH | Family: unix |
The kdelibs packages provide libraries for the K Desktop Environment . A flaw was found in the way the KDE CSS parser handled content for the CSS "style" attribute. A remote attacker could create a specially-crafted CSS equipped HTML page, which once visited by an unsuspecting user, could cause a denial of service or, potentially, execute arbitrary code with the privileges of the user running Konqueror. Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.