CentOS Update For Kdelibs CESA-2009:1601 Centos5 I386 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The kdelibs packages provide libraries for the K Desktop Environment (KDE). A buffer overflow flaw was found in the kdelibs string to floating point conversion routines. A web page containing malicious JavaScript could crash Konqueror or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-0689) Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.

Affected

kdelibs on CentOS 5

References

http://lists.centos.org/pipermail/centos-announce/2009-November/016337.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0689

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

CentOS Security Advisory CESA-2009:1238 (dnsmasq)
CentOS Security Advisory CESA-2009:0004-01 (openssl)
CentOS Security Advisory CESA-2009:0004 (openssl)
CentOS Update for 4Suite CESA-2009:1572 centos3 i386
CentOS Security Advisory CESA-2009:1625 (expat)

CentOS Update for kdelibs CESA-2009:1601 centos5 i386

Take action and discover your vulnerabilities