[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98503

 
 

909

 
 

79321

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2009:1130 -- centos 5 x86_64 kdegraphics

ID: oval:org.secpod.oval:def:202174Date: (C)2012-01-31   (M)2017-10-04
Class: PATCHFamily: unix




The kdegraphics packages contain applications for the K Desktop Environment . Scalable Vector Graphics is an XML-based language to describe vector images. KSVG is a framework aimed at implementing the latest W3C SVG specifications. A use-after-free flaw was found in the KDE KSVG animation element implementation. A remote attacker could create a specially-crafted SVG image, which once opened by an unsuspecting user, could cause a denial of service or, potentially, execute arbitrary code with the privileges of the user running Konqueror. A NULL pointer dereference flaw was found in the KDE, KSVG SVGList interface implementation. A remote attacker could create a specially-crafted SVG image, which once opened by an unsuspecting user, would cause memory corruption, leading to a denial of service . All users of kdegraphics should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted for this update to take effect.

Platform:
CentOS 5
Product:
kdegraphics
Reference:
CESA-2009:1130
CVE-2009-0945
CVE-2009-1709
CVE    2
CVE-2009-1709
CVE-2009-0945
CPE    53
cpe:/a:kde:kdegraphics
cpe:/o:centos:centos:5
cpe:/a:apple:safari:4.0:beta
cpe:/a:apple:safari:1.0.0b1
...

© 2013 SecPod Technologies