KDE Heap Overflow Vulnerability Found
sayanchak writes "An incorrect bounds check has been discovered in kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, that allows a heap-based buffer overflow when decoding specially crafted UTF-8 encoded URI sequences. It might allow malicious JavaScript code to perform a heap overflow and crash Konqueror or even execute arbitrary code. Source diff patches for KDE 3.2.0 - 3.3.2 and KDE 3.4.0 - 3.5.0 are available."
...yawn and pay no heed. Have any vulnerabilities for Konqueror ever actually resulted in exploits in the wild?
And the proposed patch leaks if realloc fails and does not check the return value of realloc. *sigh*
...
Also, one may only wonder why they didn't use std::vector.
~velco
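For readers following the two points raised in this thread (the missing bounds check while decoding escaped URI bytes, and a realloc whose return value is never checked), here is an added illustration of the hardened pattern in plain C. It is not kjs code and not the KDE patch; `percent_decode` and `grow` are hypothetical names, and the decoder validates every escape before reading past it and never leaks or keeps a stale pointer when realloc fails.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: value of a hex digit, or -1 if c is not one. */
static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Grow *buf to hold at least `need` bytes. On realloc failure (or size
 * overflow) the old buffer is freed and *buf set to NULL, so the caller
 * neither leaks the block nor keeps writing through a dangling pointer. */
static int grow(unsigned char **buf, size_t *cap, size_t need) {
    if (need <= *cap) return 1;
    size_t ncap = *cap ? *cap : 16;
    while (ncap < need) {
        if (ncap > SIZE_MAX / 2) { free(*buf); *buf = NULL; return 0; }
        ncap *= 2;
    }
    unsigned char *n = realloc(*buf, ncap);   /* return value is checked */
    if (!n) { free(*buf); *buf = NULL; return 0; }
    *buf = n;
    *cap = ncap;
    return 1;
}

/* Decode %XX escapes from `in` (len bytes, not necessarily NUL-terminated).
 * Returns a NUL-terminated heap buffer (decoded UTF-8 bytes are passed
 * through unchanged), or NULL on a truncated/invalid escape or on OOM. */
char *percent_decode(const char *in, size_t len, size_t *outlen) {
    unsigned char *out = NULL;
    size_t cap = 0, n = 0;
    for (size_t i = 0; i < len; ) {
        unsigned char c = (unsigned char)in[i];
        if (c == '%') {
            /* Bounds check the escape itself: both hex digits must exist
             * inside the input before they are read. */
            if (i + 2 >= len) { free(out); return NULL; }
            int hi = hexval((unsigned char)in[i + 1]);
            int lo = hexval((unsigned char)in[i + 2]);
            if (hi < 0 || lo < 0) { free(out); return NULL; }
            c = (unsigned char)(hi * 16 + lo);
            i += 3;
        } else {
            i += 1;
        }
        if (!grow(&out, &cap, n + 2)) return NULL;  /* room for byte + NUL */
        out[n++] = c;
    }
    if (!grow(&out, &cap, n + 1)) return NULL;
    out[n] = '\0';
    if (outlen) *outlen = n;
    return (char *)out;
}
```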