Advertisement

Latest News

[ Windows | Linux | Apple ]

· The third screen: Will all Windows 8 apps run on Microsoft's Xbox One?
· CentOS-6.4 LiveCD and LiveDVD for i386 and x86_64 released
· Apple OS X malware outbreak could give UK firms a bad Hangover
· 5 Modem At Command Examples in Linux (How to Configure Minicom)
· CompatDB Updates 05/22/13
· Removing and Wiping Drivers Guide and more
· Windows Server 2012 Essentials SDK Installer 1.1
· Xbox One hardware and specs: 8-core CPU, 8GB RAM, 500GB hard drive and more
· Tim Cook: US-made Macs will be assembled in Texas
· Microsoft software satisfaction slumps

Upcoming News

· For Father's Day Gifts Articles/Shows: SensoGlove Lets Da?= ds Finally Improve Their Golf Game
· Far Cry 3: Blood Dragon Review @ OCC
· [RHSA-2013:0855-01] Important: java-1.5.0-ibm security update
· [CentOS-announce] Release for CentOS-6.4 LiveCD and LiveDVD for i386 and x86_64
· [CentOS-announce] CEBA-2013:0854 CentOS 6 vte Update
· Shuttle OMNINAS KD20 @ techPowerUp
· What You Need To Know about the Xbox One @ ThinkComputers.org
· PQI Air Drive External Wireless Storage Device Product and Video Review
· PoINT Storage Manager 4.0 now available
· [CentOS-announce] CEEA-2013:0852 CentOS 5 rgmanager Update

Linux Compatibility

· Dell Dimension 9100
· CL-CAM50001 UPC=3700284609322
· DFE 520 TX
· nVidia GeForce4 MX 440
· Gore: Ultimate Soldier
· SMC2802W V2 wi-fi 54Mbps PCI card
· Wireless modem router N300
· Dell P780
· ASUS A7V8X
· BricsCAD for Linux

New Forum Topics

· shutdown link ?
by: estirwent
on: 2013-05-11 17:46
18 replies, 6427 views

· Laptop keyboard drank soda
by: Zenn
on: 2013-04-30 00:27
1 replies, 683 views

· connecting to to internet with ubuntu
by: Zenn
on: 2013-04-30 00:26
2 replies, 4545 views

· Need Linux-compatible PS/2 expansion card
by: Zenn
on: 2013-04-30 00:26
1 replies, 754 views

· irql_not_less_or_equal blue screen
by: Zenn
on: 2013-04-30 00:25
2 replies, 1138 views

News Channels

· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Updates
· Interviews
· Linux
· General
· Debian
· Red Hat
· Slackware
· Gentoo
· Mandriva
· White Box
· SUSE
· GNOME
· KDE
· CentOS
· Ubuntu
· MEPIS
· Android

What's New

Login to see an overview of all news stories since your last visit.

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

[KDE Security Advisory] kjs encodeuri/decodeuri heap overflow

Posted by Philipp Esselbach on: 01/20/2006 01:41 AM [ Print | 0 comment(s) ]

KDE Security Advisory: kjs encodeuri/decodeuri heap overflow vulnerability
Original Release Date: 2006-01-19
URL: http://www.kde.org/info/security/advisory-20060119-1.txt

0. References
CVE-2006-0019

1. Systems affected:

KDE 3.2.0 up to including KDE 3.5.0

2. Overview:

Maksim Orlovich discovered an incorrect bounds check in kjs,
the JavaScript interpreter engine used by Konqueror and other
parts of KDE, that allows a heap based buffer overflow
when decoding specially crafted UTF-8 encoded URI sequences.

3. Impact:

Remotely supplied Javascript code can perform a heap overflow
and crash the web browser or execute arbitrary code.

4. Solution:

Source code patches have been made available which fix these
vulnerabilities. Contact your OS vendor / binary package provider
for information about how to obtain updated binary packages.

5. Patch:

Patch for KDE 3.4.0 - 3.5.0 is available from

ftp://ftp.kde.org/pub/kde/security_patches :

ecc0ec13ce3b06e94e35aa8e937e02bf post-3.4.3-kdelibs-kjs.diff

Patch for KDE 3.2.0 - 3.3.2 is available from

ftp://ftp.kde.org/pub/kde/security_patches :

9bca9b44ca2d84e3b2f85ffb5d30e047 post-3.2.3-kdelibs-kjs.diff

All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2013 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition