
Gentoo: GLSA-200601-11 Normal: KDE Kjs Heap Overflow Arbitrary Code

January 22, 2006
Gentoo advisory concerning a buffer overflow in KDE kjs that could allow unauthorized code execution when malicious JavaScript is processed.
KDE fails to properly validate URIs when handling javascript, potentially resulting in the execution of arbitrary code.

Summary

Gentoo Linux Security Advisory                           GLSA 200601-11
https://security.gentoo.org/

  Severity: Normal
     Title: KDE kjs: URI heap overflow vulnerability
      Date: January 22, 2006
      Bugs: #118550
        ID: 200601-11

Synopsis
========

KDE fails to properly validate URIs when handling javascript, potentially resulting in the execution of arbitrary code.

Background
==========

KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. kjs is the javascript interpreter used in Konqueror and other parts of KDE.

Affected packages
=================

    -------------------------------------------------------------------
     Package            /  Vulnerable  /                    Unaffected
    -------------------------------------------------------------------
  1  kde-base/kdelibs      < 3.4.3-r1                       >= 3.4.3-r1

Maksim Orlovich discovered an incorrect bounds c...
