Slashdot Mirror

← Back to Stories (view on slashdot.org)

KDE Heap Overflow Vulnerability Found

Posted by CowboyNeal on from the holes-in-the-dike dept.

sayanchak writes "An incorrect bounds check has been discovered in kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, that allows a heap based buffer overflow when decoding specially crafted UTF-8 encoded URI sequences. It might allow malicious Javascript code to perform a heap overflow and crash Konqueror or even execute arbitrary code. Source diff patches for KDE 3.2.0 - 3.3.2 and KDE 3.4.0 - 3.5.0 are available."

9 of 233 comments (clear)

  1. Re:This is why I use Windows by aurb · · Score: -1, Troll

    KDE is not an operating system.

  2. Re:This is why I use Windows by belg4mit · · Score: 0, Troll

    You're a troll but you still need to be whacked with a clue-by-four, a desktop and windowing environment is not
    "a part of the OS" in linux. At least not as you intend
    to parrot in your mangle way. The complaint about MS is
    the running of said things in or at the kernel. HAND

    --
    Were that I say, pancakes?
  3. All the... by Anonymous Coward · · Score: -1, Troll

    And all of the 5 users may possibly be sunk by this. Of course they are the most likely to get the patch but.....

  4. Re:This is why I use Windows by Anonymous Coward · · Score: -1, Troll

    You're a troll but you still need to be whacked with a clue-by-four, a desktop and windowing environment is not "a part of the OS" in linux.

    true.

    The complaint about MS is the running of said things in or at the kernel.

    FALSE. WHY THE FUCK DO ANTI-"M$" FANBOYS THINK THIS?
    the worst OS FUD is spread by linux zealots...

    please repeat after me:

    IE RUNS IN USER MODE, NOT KERNEL MODE
    I WILL NOT SPREAD ANY MORE FUD

    HAND

    you too

  5. Re:This is why I use Windows by NutscrapeSucks · · Score: 0, Troll

    a desktop and windowing environment is not "a part of the OS" in linux.

    This sort of argument is basically specious CSci hairsplitting. The "operating system" provides a runtime environment for application software. There's no fundemental difference between the KDE system and the MS Windows system.

    The complaint about MS is the running of said things in or at the kernel.

    No it isn't. This is something that technically clueless Linux users invented.

    --
    Whenever I hear the word 'Innovation', I reach for my pistol.
  6. what bug?? by carlosGames · · Score: -1, Troll

    hmm.. wait :) thanks to open source this doesnt affects me, i preffer e17 and firefox so .... go to hell khtml windoze explorer like engine ...

  7. Close call, good thing nobody is using linux then by Anonymous Coward · · Score: -1, Troll

    lolz

  8. the hassle free guide for running konqueror by stock · · Score: -1, Troll

    http://pastebin.com/516354

    please note that mozilla and firefox are also wiped using clean() and deskclean()

    Cheers,

    Robert

  9. Re:This is why I use Windows by Anonymous Coward · · Score: -1, Troll

    God help you if you put-down Linux around here at slashdot. Even if you are telling it how it is like the parent post here. It was modded down as is the usual practive at slashdot. Hilarious. They are worse than kids around here. It is probably a pack of kids that run slashdot.