CVE-2006-0019 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-0019
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0019

Description: Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24242 UBUNTU http://www.ubuntu.com/usn/usn-245-1 SUSE http://www.securityfocus.com/archive/1/archive/1/422489/100/0/threaded ST 1015512 SREASON http://securityreason.com/securityalert/364 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.361107 SAID Secunia Advisory: SA18500 Secunia Advisory: SA18540 Secunia Advisory: SA18561 Secunia Advisory: SA18552 Secunia Advisory: SA18559 Secunia Advisory: SA18570 Secunia Advisory: SA18899 Secunia Advisory: SA18583 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0184.html OSVDB 22659 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:019 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml FEDORA http://www.securityfocus.com/archive/1/archive/1/427976/100/0/threaded DEBIAN http://www.debian.org/security/2006/dsa-948 CONFIRM http://www.kde.org/info/security/advisory-20060119-1.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/422464/100/0/threaded BID 16325

Return to the previous page.