Executive Summary
Summary | |
---|---|
Title | kdegraphics security update |
Informations | |||
---|---|---|---|
Name | RHSA-2009:1130 | First vendor Publication | 2009-06-25 |
Vendor | RedHat | Last vendor Modification | 2009-06-25 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated kdegraphics packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64 3. Description: The kdegraphics packages contain applications for the K Desktop Environment (KDE). Scalable Vector Graphics (SVG) is an XML-based language to describe vector images. KSVG is a framework aimed at implementing the latest W3C SVG specifications. A use-after-free flaw was found in the KDE KSVG animation element implementation. A remote attacker could create a specially-crafted SVG image, which once opened by an unsuspecting user, could cause a denial of service (Konqueror crash) or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-1709) A NULL pointer dereference flaw was found in the KDE, KSVG SVGList interface implementation. A remote attacker could create a specially-crafted SVG image, which once opened by an unsuspecting user, would cause memory corruption, leading to a denial of service (Konqueror crash). (CVE-2009-0945) All users of kdegraphics should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 506246 - CVE-2009-1709 kdegraphics: KSVG Pointer use-after-free error in the SVG animation element (DoS, ACE) 506703 - CVE-2009-0945 kdegraphics: KSVG NULL-pointer dereference in the SVGList interface implementation (ACE) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2009-1130.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
50 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10162 | |||
Oval ID: | oval:org.mitre.oval:def:10162 | ||
Title: | Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." | ||
Description: | Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1709 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11584 | |||
Oval ID: | oval:org.mitre.oval:def:11584 | ||
Title: | Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption. | ||
Description: | Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0945 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22802 | |||
Oval ID: | oval:org.mitre.oval:def:22802 | ||
Title: | ELSA-2009:1130: kdegraphics security update (Critical) | ||
Description: | Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1130-01 CVE-2009-0945 CVE-2009-1709 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | kdegraphics |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29125 | |||
Oval ID: | oval:org.mitre.oval:def:29125 | ||
Title: | RHSA-2009:1130 -- kdegraphics security update (Critical) | ||
Description: | Updated kdegraphics packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdegraphics packages contain applications for the K Desktop Environment (KDE). Scalable Vector Graphics (SVG) is an XML-based language to describe vector images. KSVG is a framework aimed at implementing the latest W3C SVG specifications. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1130 CESA-2009:1130-CentOS 5 CVE-2009-0945 CVE-2009-1709 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kdegraphics |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for kdegraphics CESA-2009:1130 centos5 i386 File : nvt/gb_CESA-2009_1130_kdegraphics_centos5_i386.nasl |
2010-09-22 | Name : Mandriva Update for kdegraphics MDVSA-2010:182 (kdegraphics) File : nvt/gb_mandriva_MDVSA_2010_182.nasl |
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2010-01-29 | Name : Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2010_027.nasl |
2009-12-14 | Name : Mandriva Security Advisory MDVSA-2009:331 (kdegraphics) File : nvt/mdksa_2009_331.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-11-11 | Name : Ubuntu USN-857-1 (qt4-x11) File : nvt/ubuntu_857_1.nasl |
2009-09-28 | Name : Ubuntu USN-836-1 (webkit) File : nvt/ubuntu_836_1.nasl |
2009-09-02 | Name : Debian Security Advisory DSA 1866-1 (kdegraphics) File : nvt/deb_1866_1.nasl |
2009-09-02 | Name : Ubuntu USN-822-1 (kdelibs) File : nvt/ubuntu_822_1.nasl |
2009-09-02 | Name : Ubuntu USN-823-1 (kdegraphics) File : nvt/ubuntu_823_1.nasl |
2009-07-29 | Name : Fedora Core 10 FEDORA-2009-8049 (kdelibs) File : nvt/fcore_2009_8049.nasl |
2009-07-29 | Name : Fedora Core 11 FEDORA-2009-8039 (kdelibs) File : nvt/fcore_2009_8039.nasl |
2009-07-29 | Name : Fedora Core 11 FEDORA-2009-6166 (webkitgtk) File : nvt/fcore_2009_6166.nasl |
2009-06-30 | Name : CentOS Security Advisory CESA-2009:1130 (kdegraphics) File : nvt/ovcesa2009_1130.nasl |
2009-06-30 | Name : RedHat Security Advisory RHSA-2009:1130 File : nvt/RHSA_2009_1130.nasl |
2009-06-16 | Name : Apple Safari Multiple Vulnerabilities June-09 (Win) - I File : nvt/gb_apple_safari_mult_vuln_jun09_1.nasl |
2009-06-05 | Name : Ubuntu USN-776-2 (kvm) File : nvt/ubuntu_776_2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
55415 | KDE Konqueror WebKit SVG Animation Element Use-after-free Arbitrary Code Exec... |
55013 | Apple Safari WebKit SVG Animation Element Set.targetElement() Use-after-free ... |
54500 | Google Chrome WebKit SVGList Object Handling Memory Corruption |
54455 | Apple Safari WebKit SVGList Object Handling Memory Corruption |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libwebkit-110104.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-823-1.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090625_kdegraphics_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libwebkit-110111.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kdegraphics3-101104.nasl - Type : ACT_GATHER_INFO |
2010-12-10 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdegraphics3-7235.nasl - Type : ACT_GATHER_INFO |
2010-09-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-182.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-027.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1866.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1988.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1950.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1130.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-857-1.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-836-1.nasl - Type : ACT_GATHER_INFO |
2009-08-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-822-1.nasl - Type : ACT_GATHER_INFO |
2009-07-29 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8049.nasl - Type : ACT_GATHER_INFO |
2009-07-29 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8039.nasl - Type : ACT_GATHER_INFO |
2009-07-13 | Name : The remote Fedora host is missing a security update. File : fedora_2009-6166.nasl - Type : ACT_GATHER_INFO |
2009-06-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1130.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari4_0.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_4.0.nasl - Type : ACT_GATHER_INFO |
2009-05-15 | Name : The remote host contains a web browser that is affected by a remote code exec... File : google_chrome_1_0_154_65.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_3_2_3.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:52:38 |
|