August 18, 2009

Debian Security Advisory 1867 kdelibs - several vulnerabilities

Article Source Debian Security Advisories
August 18, 2009, 5:00 pm

Several security issues have been discovered in kdelibs, core libraries from the official KDE release. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2009-1690

    It was discovered that there is a use-after-free flaw in handling certain DOM event handlers. This could lead to the execution of arbitrary code, when visiting a malicious website.

  • CVE-2009-1698

    It was discovered that there could be an uninitialised pointer when handling a Cascading Style Sheets (CSS) attr function call. This could lead to the execution of arbitrary code, when visiting a malicious website.

  • CVE-2009-1687

    It was discovered that the JavaScript garbage collector does not handle allocation failures properly, which could lead to the execution of arbitrary code when visiting a malicious website...

Click Here!