This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
A use-after-free flaw was found in the KDE KSVG animation element
implementation. A remote attacker could create a specially-crafted SVG
image, which once opened by an unsuspecting user, could cause a denial
of service (Konqueror crash) or, potentially, execute arbitrary code
with the privileges of the user running Konqueror. (CVE-2009-1709)
A NULL pointer dereference flaw was found in the KDE, KSVG SVGList
interface implementation. A remote attacker could create a
specially-crafted SVG image, which once opened by an unsuspecting
user, would cause memory corruption, leading to a denial of service
(Konqueror crash). (CVE-2009-0945)
The desktop must be restarted (log out, then log back in) for this
update to take effect.
See also :
Update the affected kdegraphics and / or kdegraphics-devel packages.
Risk factor :
High / CVSS Base Score : 9.3