Maksim Orlovich discovered a bug in the JavaScript interpreter used by Konqueror. UTF-8 encoded URLs could lead to a buffer overflow that causes the browser to crash or execute arbitrary code. Attackers could trick users into visiting specially crafted web sites that exploit this bug (CVE-2006-0019).
JavaScript can be disabled in Konqueror’s settings dialog to prevent exploitation. Some websites may no longer work with disabled JavaScript though. It is recommended to install the update packages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 10.0 | ppc | kdelibs3-devel | <Â 3.4.2-24.2 | kdelibs3-devel-3.4.2-24.2.ppc.rpm |
openSUSE | 10.0 | ppc | kdelibs3 | <Â 3.4.2-24.2 | kdelibs3-3.4.2-24.2.ppc.rpm |
openSUSE | 9.2 | x86_64 | kdelibs3-32bit | <Â 9.2-200601131140 | kdelibs3-32bit-9.2-200601131140.x86_64.rpm |
openSUSE | 10.0 | x86_64 | kdelibs3 | <Â 3.4.2-24.2 | kdelibs3-3.4.2-24.2.x86_64.rpm |
openSUSE | 9.3 | i586 | kdelibs3-devel | <Â 3.4.0-20.10 | kdelibs3-devel-3.4.0-20.10.i586.rpm |
openSUSE | 9.3 | x86_64 | kdelibs3-32bit | <Â 9.3-7.4 | kdelibs3-32bit-9.3-7.4.x86_64.rpm |
openSUSE | 9.1 | i586 | kdelibs3-32bit | <Â 9.1-200601130425 | kdelibs3-32bit-9.1-200601130425.i586.rpm |
openSUSE | 9.2 | i586 | kdelibs3-devel | <Â 3.3.0-34.11 | kdelibs3-devel-3.3.0-34.11.i586.rpm |
openSUSE | 10.0 | x86_64 | kdelibs3-32bit | <Â 3.4.2-24.2 | kdelibs3-32bit-3.4.2-24.2.x86_64.rpm |
openSUSE | 10.0 | x86_64 | kdelibs3-devel | <Â 3.4.2-24.2 | kdelibs3-devel-3.4.2-24.2.x86_64.rpm |