Executive Summary
Summary | |
---|---|
Title | New kdegraphics packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1866 | First vendor Publication | 2009-08-19 |
Vendor | Debian | Last vendor Modification | 2009-08-19 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Two security issues have been discovered in kdegraphics, the graphics apps from the official KDE release. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0945 It was discovered that the KSVG animation element implementation suffers from a null pointer dereference flaw, which could lead to the execution of arbitrary code. CVE-2009-1709 It was discovered that the KSVG animation element implementation is prone to a use-after-free flaw, which could lead to the execution of arbitrary code. For the stable distribution (lenny), these problems have been fixed in version 4:3.5.9-3+lenny2. For the oldstable distribution (etch), these problems have been fixed in version 4:3.5.5-3etch4. For the testing distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 4:4.0. We recommend that you upgrade your kdegraphics packages. |
Original Source
Url : http://www.debian.org/security/2009/dsa-1866 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
50 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10162 | |||
Oval ID: | oval:org.mitre.oval:def:10162 | ||
Title: | Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." | ||
Description: | Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1709 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11584 | |||
Oval ID: | oval:org.mitre.oval:def:11584 | ||
Title: | Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption. | ||
Description: | Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0945 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22802 | |||
Oval ID: | oval:org.mitre.oval:def:22802 | ||
Title: | ELSA-2009:1130: kdegraphics security update (Critical) | ||
Description: | Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1130-01 CVE-2009-0945 CVE-2009-1709 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | kdegraphics |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29125 | |||
Oval ID: | oval:org.mitre.oval:def:29125 | ||
Title: | RHSA-2009:1130 -- kdegraphics security update (Critical) | ||
Description: | Updated kdegraphics packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdegraphics packages contain applications for the K Desktop Environment (KDE). Scalable Vector Graphics (SVG) is an XML-based language to describe vector images. KSVG is a framework aimed at implementing the latest W3C SVG specifications. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1130 CESA-2009:1130-CentOS 5 CVE-2009-0945 CVE-2009-1709 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kdegraphics |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for kdegraphics CESA-2009:1130 centos5 i386 File : nvt/gb_CESA-2009_1130_kdegraphics_centos5_i386.nasl |
2010-09-22 | Name : Mandriva Update for kdegraphics MDVSA-2010:182 (kdegraphics) File : nvt/gb_mandriva_MDVSA_2010_182.nasl |
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2010-01-29 | Name : Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2010_027.nasl |
2009-12-14 | Name : Mandriva Security Advisory MDVSA-2009:331 (kdegraphics) File : nvt/mdksa_2009_331.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-11-11 | Name : Ubuntu USN-857-1 (qt4-x11) File : nvt/ubuntu_857_1.nasl |
2009-09-28 | Name : Ubuntu USN-836-1 (webkit) File : nvt/ubuntu_836_1.nasl |
2009-09-02 | Name : Debian Security Advisory DSA 1866-1 (kdegraphics) File : nvt/deb_1866_1.nasl |
2009-09-02 | Name : Ubuntu USN-822-1 (kdelibs) File : nvt/ubuntu_822_1.nasl |
2009-09-02 | Name : Ubuntu USN-823-1 (kdegraphics) File : nvt/ubuntu_823_1.nasl |
2009-07-29 | Name : Fedora Core 10 FEDORA-2009-8049 (kdelibs) File : nvt/fcore_2009_8049.nasl |
2009-07-29 | Name : Fedora Core 11 FEDORA-2009-8039 (kdelibs) File : nvt/fcore_2009_8039.nasl |
2009-07-29 | Name : Fedora Core 11 FEDORA-2009-6166 (webkitgtk) File : nvt/fcore_2009_6166.nasl |
2009-06-30 | Name : CentOS Security Advisory CESA-2009:1130 (kdegraphics) File : nvt/ovcesa2009_1130.nasl |
2009-06-30 | Name : RedHat Security Advisory RHSA-2009:1130 File : nvt/RHSA_2009_1130.nasl |
2009-06-16 | Name : Apple Safari Multiple Vulnerabilities June-09 (Win) - I File : nvt/gb_apple_safari_mult_vuln_jun09_1.nasl |
2009-06-05 | Name : Ubuntu USN-776-2 (kvm) File : nvt/ubuntu_776_2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
55415 | KDE Konqueror WebKit SVG Animation Element Use-after-free Arbitrary Code Exec... |
55013 | Apple Safari WebKit SVG Animation Element Set.targetElement() Use-after-free ... |
54500 | Google Chrome WebKit SVGList Object Handling Memory Corruption |
54455 | Apple Safari WebKit SVGList Object Handling Memory Corruption |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libwebkit-110104.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-823-1.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090625_kdegraphics_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libwebkit-110111.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kdegraphics3-101104.nasl - Type : ACT_GATHER_INFO |
2010-12-10 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdegraphics3-7235.nasl - Type : ACT_GATHER_INFO |
2010-09-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-182.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-027.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1866.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1988.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1950.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1130.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-857-1.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-836-1.nasl - Type : ACT_GATHER_INFO |
2009-08-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-822-1.nasl - Type : ACT_GATHER_INFO |
2009-07-29 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8049.nasl - Type : ACT_GATHER_INFO |
2009-07-29 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8039.nasl - Type : ACT_GATHER_INFO |
2009-07-13 | Name : The remote Fedora host is missing a security update. File : fedora_2009-6166.nasl - Type : ACT_GATHER_INFO |
2009-06-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1130.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari4_0.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_4.0.nasl - Type : ACT_GATHER_INFO |
2009-05-15 | Name : The remote host contains a web browser that is affected by a remote code exec... File : google_chrome_1_0_154_65.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_3_2_3.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:28:44 |
|