
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2012-4512 is a heap-based buffer overflow vulnerability discovered in the CSS parser of KDE libraries' Document Object Model (DOM) implementation, specifically affecting Konqueror version 4.7.3. The vulnerability was identified in 2012 and affects the way the CSS parser processes font face source locations (NVD, Red Hat).
The vulnerability exists in the CSS parser (khtml/css/cssparser.cpp) of Konqueror and involves type confusion when processing font face sources. The issue occurs when the parser fails to properly check the unit variable before processing CSS values, leading to incorrect interpretation of floating-point values as string structures. This allows an attacker to control memory addresses and lengths through specially crafted floating-point numbers in CSS font face definitions (Nth Dimension).
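The missing unit check described above, shown as an added example that is not Konqueror's code: a simplified C model of a tagged CSS value whose accessor validates the unit before treating the value as a string, plus a byte comparison showing that the string view's pointer field aliases the double. All type and function names are hypothetical, and the sample values are constructed.

```c
#include <stdint.h>
#include <string.h>

/* Simplified model of a parsed CSS value; names are hypothetical, not KHTML's. */
enum css_unit { UNIT_NUMBER, UNIT_STRING, UNIT_URI };
struct parse_string { const uint16_t *chars; int length; };
struct css_value {
    enum css_unit unit;              /* tag: which union member is live */
    union {
        double fvalue;               /* live when unit == UNIT_NUMBER */
        struct parse_string str;     /* live when unit is STRING or URI */
    } u;
};

/* Checked accessor: hand out the string member only when the tag allows it. */
int font_src_string(const struct css_value *v, struct parse_string *out)
{
    if (v == NULL || out == NULL) return -1;
    if (v->unit != UNIT_STRING && v->unit != UNIT_URI)
        return -1;                   /* numeric value: reject, never reinterpret */
    if (v->u.str.chars == NULL || v->u.str.length < 0) return -1;
    *out = v->u.str;
    return 0;
}

/* Why the check matters: the string view's pointer field shares its bytes
 * with the double. Only raw bytes are compared; nothing is dereferenced. */
int number_bits_alias_pointer(double d)
{
    struct css_value v = { .unit = UNIT_NUMBER, .u.fvalue = d };
    unsigned char a[sizeof(void *)], b[sizeof(void *)];
    memcpy(a, &v.u.fvalue, sizeof a);
    memcpy(b, &v.u.str.chars, sizeof b);
    return memcmp(a, b, sizeof a) == 0;
}

/* Constructed sample: build a value with the given unit and run the accessor. */
int accessor_result_for(enum css_unit unit)
{
    static const uint16_t text[] = { 'a', '.', 't', 't', 'f' };
    struct css_value v = { .unit = unit };
    struct parse_string out;
    if (unit == UNIT_NUMBER) v.u.fvalue = 1.5;
    else { v.u.str.chars = text; v.u.str.length = 5; }
    return font_src_string(&v, &out);
}

/* Exit status 0 when the number is rejected and the URI is accepted. */
int main(void) { return (accessor_result_for(UNIT_NUMBER) == -1 && accessor_result_for(UNIT_URI) == 0) ? 0 : 1; }
```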
When exploited, this vulnerability could allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code with the privileges of the user running the application. The vulnerability also enables attackers to read portions of memory, effectively causing information disclosure (Red Hat).
The vulnerability has been patched in updated versions of the kdelibs packages. Users should upgrade to these updated packages, which contain backported patches to correct the issue. After applying the updates, the desktop must be restarted (log out, then log back in) for the fix to take effect (Red Hat).
Source: This report was generated using AI