kjs encodeuri/decodeuri heap overflow

2006.01.21
Credit: Dirk Mueller
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

KDE Security Advisory: kjs encodeuri/decodeuri heap overflow vulnerability Original Release Date: 2006-01-19 URL: http://www.kde.org/info/security/advisory-20060119-1.txt 0. References CVE-2006-0019 1. Systems affected: KDE 3.2.0 up to including KDE 3.5.0 2. Overview: Maksim Orlovich discovered an incorrect bounds check in kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, that allows a heap based buffer overflow when decoding specially crafted UTF-8 encoded URI sequences. 3. Impact: Remotely supplied Javascript code can perform a heap overflow and crash the web browser or execute arbitrary code. 4. Solution: Source code patches have been made available which fix these vulnerabilities. Contact your OS vendor / binary package provider for information about how to obtain updated binary packages. 5. Patch: Patch for KDE 3.4.0 - 3.5.0 is available from ftp://ftp.kde.org/pub/kde/security_patches : ecc0ec13ce3b06e94e35aa8e937e02bf post-3.4.3-kdelibs-kjs.diff Patch for KDE 3.2.0 - 3.3.2 is available from ftp://ftp.kde.org/pub/kde/security_patches : 9bca9b44ca2d84e3b2f85ffb5d30e047 post-3.2.3-kdelibs-kjs.diff -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQBD0A2SvsXr+iuy1UoRAmXHAKCws5OgDiteQti4XNibfE92cuLrdwCgkD29 5Y047yDX048bFKmWpg7NFNY= =wufg -----END PGP SIGNATURE-----


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top