KDE KJS Encodeuri / Decodeuri Remote Heap Overflow Vulnerability

KDE KJS Encodeuri / Decodeuri Remote Heap Overflow Vulnerability

KDE KJS is prone to a remote heap-overflow vulnerability.

Specifically, the issue presents itself when the application decodes specially crafted UTF-8 encoded URI sequences.

A successful attack can result in a remote compromise in the context of the user running the vulnerable application.

KDE versions 3.2.0, up to and including KDE 3.5.0, are vulnerable to this issue.