KDE.Kjs.UTF-8.Encoded.URI.Handling.Buffer.Overflow

description-logoDescription

Indicates a possible attempt at exploiting a heap overflow error in the JavaScript interpreter engine in KDE.(kjs/function.cpp). When decoding specially crafted UTF-8 encoded URI sequences, remote attackers could compromise a vulnerable system by convincing a user to visit a malicious web page containing malformed JavaScript code. The user would have to view the web page with an application using the vulnerable engine (ie Konqueror).

affected-products-logoAffected Products

KDE 3.2 - KDE 3.5

Impact logoImpact

System Compromise

recomended-action-logoRecommended Actions

Please apply the vendor released patches to fix this vulnerability.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

1