Executive Summary
Summary | |
---|---|
Title | KDE-Graphics vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-823-1 | First vendor Publication | 2009-08-24 |
Vendor | Ubuntu | Last vendor Modification | 2009-08-24 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: It was discovered that KDE-Graphics did not properly handle certain malformed SVG images. If a user were tricked into opening a specially crafted SVG image, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. |
Original Source
Url : http://www.ubuntu.com/usn/USN-823-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
50 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10162 | |||
Oval ID: | oval:org.mitre.oval:def:10162 | ||
Title: | Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." | ||
Description: | Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1709 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11584 | |||
Oval ID: | oval:org.mitre.oval:def:11584 | ||
Title: | Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption. | ||
Description: | Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0945 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22802 | |||
Oval ID: | oval:org.mitre.oval:def:22802 | ||
Title: | ELSA-2009:1130: kdegraphics security update (Critical) | ||
Description: | Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1130-01 CVE-2009-0945 CVE-2009-1709 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | kdegraphics |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29125 | |||
Oval ID: | oval:org.mitre.oval:def:29125 | ||
Title: | RHSA-2009:1130 -- kdegraphics security update (Critical) | ||
Description: | Updated kdegraphics packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdegraphics packages contain applications for the K Desktop Environment (KDE). Scalable Vector Graphics (SVG) is an XML-based language to describe vector images. KSVG is a framework aimed at implementing the latest W3C SVG specifications. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1130 CESA-2009:1130-CentOS 5 CVE-2009-0945 CVE-2009-1709 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kdegraphics |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for kdegraphics CESA-2009:1130 centos5 i386 File : nvt/gb_CESA-2009_1130_kdegraphics_centos5_i386.nasl |
2010-09-22 | Name : Mandriva Update for kdegraphics MDVSA-2010:182 (kdegraphics) File : nvt/gb_mandriva_MDVSA_2010_182.nasl |
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2010-01-29 | Name : Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2010_027.nasl |
2009-12-14 | Name : Mandriva Security Advisory MDVSA-2009:331 (kdegraphics) File : nvt/mdksa_2009_331.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-11-11 | Name : Ubuntu USN-857-1 (qt4-x11) File : nvt/ubuntu_857_1.nasl |
2009-09-28 | Name : Ubuntu USN-836-1 (webkit) File : nvt/ubuntu_836_1.nasl |
2009-09-02 | Name : Debian Security Advisory DSA 1866-1 (kdegraphics) File : nvt/deb_1866_1.nasl |
2009-09-02 | Name : Ubuntu USN-822-1 (kdelibs) File : nvt/ubuntu_822_1.nasl |
2009-09-02 | Name : Ubuntu USN-823-1 (kdegraphics) File : nvt/ubuntu_823_1.nasl |
2009-07-29 | Name : Fedora Core 10 FEDORA-2009-8049 (kdelibs) File : nvt/fcore_2009_8049.nasl |
2009-07-29 | Name : Fedora Core 11 FEDORA-2009-8039 (kdelibs) File : nvt/fcore_2009_8039.nasl |
2009-07-29 | Name : Fedora Core 11 FEDORA-2009-6166 (webkitgtk) File : nvt/fcore_2009_6166.nasl |
2009-06-30 | Name : CentOS Security Advisory CESA-2009:1130 (kdegraphics) File : nvt/ovcesa2009_1130.nasl |
2009-06-30 | Name : RedHat Security Advisory RHSA-2009:1130 File : nvt/RHSA_2009_1130.nasl |
2009-06-16 | Name : Apple Safari Multiple Vulnerabilities June-09 (Win) - I File : nvt/gb_apple_safari_mult_vuln_jun09_1.nasl |
2009-06-05 | Name : Ubuntu USN-776-2 (kvm) File : nvt/ubuntu_776_2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
55415 | KDE Konqueror WebKit SVG Animation Element Use-after-free Arbitrary Code Exec... |
55013 | Apple Safari WebKit SVG Animation Element Set.targetElement() Use-after-free ... |
54500 | Google Chrome WebKit SVGList Object Handling Memory Corruption |
54455 | Apple Safari WebKit SVGList Object Handling Memory Corruption |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libwebkit-110104.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-823-1.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090625_kdegraphics_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libwebkit-110111.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kdegraphics3-101104.nasl - Type : ACT_GATHER_INFO |
2010-12-10 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdegraphics3-7235.nasl - Type : ACT_GATHER_INFO |
2010-09-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-182.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-027.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1866.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1988.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1950.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1130.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-857-1.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-836-1.nasl - Type : ACT_GATHER_INFO |
2009-08-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-822-1.nasl - Type : ACT_GATHER_INFO |
2009-07-29 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8049.nasl - Type : ACT_GATHER_INFO |
2009-07-29 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8039.nasl - Type : ACT_GATHER_INFO |
2009-07-13 | Name : The remote Fedora host is missing a security update. File : fedora_2009-6166.nasl - Type : ACT_GATHER_INFO |
2009-06-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1130.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari4_0.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_4.0.nasl - Type : ACT_GATHER_INFO |
2009-05-15 | Name : The remote host contains a web browser that is affected by a remote code exec... File : google_chrome_1_0_154_65.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_3_2_3.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:06:13 |
|