The bug, described as an incorrect bounds check in kjs, the JavaScript interpreter engine used by the Konqueror browser and other parts of KDE, allows a heap based buffer overflow when decoding specially crafted UTF-8 encoded URI sequences. This effectively means that remotely supplied malicious JavaScript code could perform a heap overflow and crash a web browser, or worse, execute arbitrary code, essentially giving control of the machine to a remote attacker.
Versions 3.2.0 to 3.5.0 of KDE are affected, but KDE has already released a patch for the source code. Affected Linux vendors followed suit shortly afterwards, with Red Hat, Debian, Suse and Gentoo amongst others issuing binary patches for their distributions.
The original KDE advisory is available in the link below.
.png&h=140&w=231&c=1&s=0)
_(22).jpg&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
