KDE JS bug poses a real threat

(Updated: January 21, 2006 @ 21:19, 21:23)

A security vulnerability in KDE’s JavaScript interpreter allows a remote attacker to execute arbitrary code on the system of a user who visits a malicious web page, by overflowing the KJS (KDE-JavaScript) UTF-8 interpreter.

The vulnerability can be triggered by any program that utilizes KJS, i.e. the vulnerability is not limited to Konqueror.

More information to come as technical details start to surface.

Update:
The patch found at ftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-kjs.diff offers some insight into the problem: the vulnerable JavaScript functions apparently are encodeURI and decodeURI.

Update 2: The CVE-2006-0019 entry has not been released yet, but keep watching.
