Cd Chen's Services

KDE 被發現有 Overflow 的漏洞，有使用 KDE 的朋友，記得檢查一下；如果您願意，最好還是更新至最新的系統。

KDE Heap Overflow Vulnerability Found：

sayanchak writes "An incorrect bounds check has been discovered in kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, that allows a heap based buffer overflow when decoding specially crafted UTF-8 encoded URI sequences. It might allow malicious Javascript code to perform a heap overflow and crash Konqueror or even execute arbitrary code. Source diff patches for KDE 3.2.0 - 3.3.2 and KDE 3.4.0 - 3.5.0 are available."

出處：Slashdot