RHEL 5 : kdegraphics (RHSA-2009:1130)

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated kdegraphics packages that fix two security issues are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having critical security impact by the
Red Hat Security Response Team.

The kdegraphics packages contain applications for the K Desktop
Environment (KDE). Scalable Vector Graphics (SVG) is an XML-based
language to describe vector images. KSVG is a framework aimed at
implementing the latest W3C SVG specifications.

A use-after-free flaw was found in the KDE KSVG animation element
implementation. A remote attacker could create a specially-crafted SVG
image, which once opened by an unsuspecting user, could cause a denial
of service (Konqueror crash) or, potentially, execute arbitrary code
with the privileges of the user running Konqueror. (CVE-2009-1709)

A NULL pointer dereference flaw was found in the KDE, KSVG SVGList
interface implementation. A remote attacker could create a
specially-crafted SVG image, which once opened by an unsuspecting
user, would cause memory corruption, leading to a denial of service
(Konqueror crash). (CVE-2009-0945)

All users of kdegraphics should upgrade to these updated packages,
which contain backported patches to correct these issues. The desktop
must be restarted (log out, then log back in) for this update to take
effect.

See also :

https://www.redhat.com/security/data/cve/CVE-2009-0945.html
https://www.redhat.com/security/data/cve/CVE-2009-1709.html
http://rhn.redhat.com/errata/RHSA-2009-1130.html

Solution :

Update the affected kdegraphics and / or kdegraphics-devel packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Red Hat Local Security Checks

Nessus Plugin ID: 39531 ()

Bugtraq ID: 35334

CVE ID: CVE-2009-0945
CVE-2009-1709