KDE JS bug poses a real threat

(Updated: January 21, 2006 @ 21:19, 21:23)

A security vulnerability in KDE’s JavaScript interpreter allows remote attackers to execute arbitrary code when a user visits a malicious web page, by overflowing the KJS (KDE-JavaScript) UTF-8 interpreter.

The vulnerability can be triggered by any program that utilizes KJS, i.e. the vulnerability is not limited to Konqueror.

More information to come as technical details start to surface.

The patch at ftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-kjs.diff offers some insight into the problem: the vulnerable JavaScript functions are apparently encodeURI and decodeURI.

Update 2: The CVE-2006-0019 entry has not been released yet, but keep watching.