Linux.com

Home

Ubuntu Security Notice 871-1: KDE vulnerability

Article Source Ubuntu Security Notices
December 10, 2009, 6:29 pm
 
A buffer overflow was found in the KDE libraries when converting a string to a floating point number. If a user or application linked against kdelibs were tricked into processing crafted input, an attacker could cause a denial of service (via application crash) or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0689) It was discovered that the KDE libraries could use KHTML to process an unknown MIME type. If a user or application linked against kdelibs were tricked into opening a crafted file, an attacker could potentially trigger XMLHTTPRequests to remote sites...
 
 

Comments

Subscribe to Comments Feed

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board