MiracleLinux 3 : kdelibs-3.5.5-11.26.AXS3 (AXSA:2011-354:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-354:01 advisory. KDE Libraries include: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, kio Input/Output, networking, kspell spelling...

kdelibs: Heap-based buffer overflow when parsing location of a font face source

A heap-based buffer overflow flaw was found in the way the CSS parser of the Document Object Model's DOM implementation of KDE libraries performed processing of a location of a particular font face source. A remote attacker with privileges could provide a specially-crafted web page that, when...