Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN245-1 : kdelibs vulnerability Vulnerability Scan

Vulnerability Scan Summary
kdelibs vulnerability

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- kdelibs
- kdelibs-bin
- kdelibs-data
- kdelibs4
- kdelibs4-dev
- kdelibs4-doc
- kdelibs4c2
- kdelibs4c2-dbg

Description :

Maksim Orlovich discovered that kjs, the Javascript interpreter engine
used by Konqueror and other parts of KDE, did not sufficiently verify
the validity of UTF-8 encoded URIs. Specially crafted URIs could
trigger a buffer overflow. By tricking an user into visiting a
web site with malicious JavaScript code, a remote attacker could
exploit this to execute arbitrary code with user rights.

Solution :

Upgrade to :
- kdelibs-3.4.3-0ubuntu2 (Ubuntu 5.10)
- kdelibs-bin-3.4.3-0ubuntu2 (Ubuntu 5.10)
- kdelibs-data-3.4.3-0ubuntu2 (Ubuntu 5.10)
- kdelibs4-3.4.0-0ubuntu3.5 (Ubuntu 5.04)
- kdelibs4-dev-3.4.3-0ubuntu2 (Ubuntu 5.10)
- kdelibs4-doc-3.4.3-0ubuntu2 (Ubuntu 5.10)
- kdelibs4c2-3.4.3-0ubuntu2 (Ubuntu 5.10)
- kdelibs4c2-dbg-3.4.3-0ubuntu2 (Ubuntu 5.10)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.