CVE-2012-4512

Name: CVE-2012-4512
Creator: NVD / NIST
Published: 2020-02-08T19:15:10.473+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 8.8/10EPSS 11.66%

Last modified Jun 16, 2026

CVE-2012-4512 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion.". EPSS estimates a 11.66% chance of exploitation in the next 30 days.

Description

The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."

Metrics

CVSS 3.1

8.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Probability

11.66%

95.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-843

Affected Software

Vendor	Product	Versions
Kde	Kde	4.7.3
Redhat	Enterprise Linux	6.0
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Server Eus	6.3
Redhat	Enterprise Linux Workstation	6.0

References

http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.htmlBroken Link, Third Party Advisory
http://em386.blogspot.com/2010/12/webkit-css-type-confusion.htmlExploit, Third Party Advisory
http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352Broken Link, Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-1416.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1418.htmlThird Party Advisory
http://secunia.com/advisories/51097Not Applicable, Third Party Advisory
http://secunia.com/advisories/51145Not Applicable, Third Party Advisory
http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.ascThird Party Advisory
http://www.openwall.com/lists/oss-security/2012/10/11/11Mailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/10/30/6Mailing List, Third Party Advisory
http://www.securitytracker.com/id?1027709Third Party Advisory, VDB Entry
http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.htmlBroken Link, Third Party Advisory
http://em386.blogspot.com/2010/12/webkit-css-type-confusion.htmlExploit, Third Party Advisory
http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352Broken Link, Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-1416.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1418.htmlThird Party Advisory
http://secunia.com/advisories/51097Not Applicable, Third Party Advisory
http://secunia.com/advisories/51145Not Applicable, Third Party Advisory
http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.ascThird Party Advisory
http://www.openwall.com/lists/oss-security/2012/10/11/11Mailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/10/30/6Mailing List, Third Party Advisory
http://www.securitytracker.com/id?1027709Third Party Advisory, VDB Entry

Timeline

Published: Feb 8, 2020
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2012-4512?

How severe is CVE-2012-4512?

CVE-2012-4512 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 11.66% probability of exploitation in the next 30 days.

How do I fix CVE-2012-4512?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-4512?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST