CVE-2012-4515

Published: 11 November 2012

Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.

Priority

Low

Status

Package Release Status
kde-baseapps
Launchpad, Ubuntu, Debian
Upstream
Released
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)
Patches:
Upstream: https://cgit.kde.org/kdelibs.git/commit/?h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8
kdebase
Launchpad, Ubuntu, Debian
Upstream
Released
Ubuntu 16.04 ESM (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist