| Summary: | The remote host is missing updates announced in;advisory RHSA-2009:1128.;;The kdelibs packages provide libraries for the K Desktop Environment (KDE).;;A flaw was found in the way the KDE CSS parser handled content for the;CSS style attribute. A remote attacker could create a specially-crafted;CSS equipped HTML page, which once visited by an unsuspecting user, could;cause a denial of service (Konqueror crash) or, potentially, execute;arbitrary code with the privileges of the user running Konqueror.;(CVE-2009-1698);;Users should upgrade to these updated packages, which contain a backported;patch to correct this issue. The desktop must be restarted (log out, then;log back in) for this update to take effect. |
| Description: | Summary:
The remote host is missing updates announced in
advisory RHSA-2009:1128.
The kdelibs packages provide libraries for the K Desktop Environment (KDE).
A flaw was found in the way the KDE CSS parser handled content for the
CSS style attribute. A remote attacker could create a specially-crafted
CSS equipped HTML page, which once visited by an unsuspecting user, could
cause a denial of service (Konqueror crash) or, potentially, execute
arbitrary code with the privileges of the user running Konqueror.
(CVE-2009-1698)
Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The desktop must be restarted (log out, then
log back in) for this update to take effect.
Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
CVSS Score:
9.3
CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
