KDE Heap Overflow Vulnerability Found 233
sayanchak writes "An incorrect bounds check has been discovered in kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, that allows a heap based buffer overflow when decoding specially crafted UTF-8 encoded URI sequences. It might allow malicious Javascript code to perform a heap overflow and crash Konqueror or even execute arbitrary code. Source diff patches for KDE 3.2.0 - 3.3.2 and KDE 3.4.0 - 3.5.0 are available."
This is why I use Windows (Score:3, Funny)
Right thats it! (Score:5, Funny)
Re:Right thats it! (Score:2, Funny)
*looks at his Kubuntu install*
Uh... clearly this patching shows the inherent superiority of Open Source!
how to apply? (Score:1, Funny)
Queue Linux Defense Responses! (Score:3, Funny)
1. Oh, but microsoft takes longer to patch
2. But it is still more secure than windows!
3. Ya, old news, it's already patched!
4. And, this isn't an OS problem it's the shell, windowing, daemon, whatever etc!
And hell yes, I will post this Anonymously as I expect this to be moded as Troll within 5 minutes and I got no karma to burn!