Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 up to and including 3.5.0 allows remote malicious users to execute arbitrary code via a crafted, UTF-8 encoded URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kde kde 3.2.0_beta1 |
||
kde kde 3.2.1 |
||
kde kde 3.3.2 |
||
kde kde 3.3.x |
||
kde kde 3.2.x |
||
kde kde 3.3 |
||
kde kde 3.4.1 |
||
kde kde 3.4.2 |
||
kde kde 3.2 |
||
kde kde 3.2.0 |
||
kde kde 3.3.0 |
||
kde kde 3.3.1 |
||
kde kde 3.5.0 |
||
kde kde 3.2.2 |
||
kde kde 3.2.3 |
||
kde kde 3.4 |
||
kde kde 3.4.0 |