Scientific Linux Security Update : kdelibs on SL3.x i386/x86_64
High Nessus Plugin ID 60605
Synopsis
The remote Scientific Linux host is missing one or more security updates.
Description
A flaw was found in the way the KDE CSS parser handled content for the CSS 'style' attribute. A remote attacker could create a specially crafted, CSS-equipped HTML page which, once visited by an unsuspecting user, could cause a denial of service (Konqueror crash) or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-1698)
The desktop must be restarted (log out, then log back in) for this update to take effect.
Solution
Update the affected kdelibs and/or kdelibs-devel packages.