ID CVE-2006-0019
Summary Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
References
Vulnerable Configurations
  • cpe:2.3:o:kde:kde:3.2
  • cpe:2.3:o:kde:kde:3.2.0
  • cpe:2.3:o:kde:kde:3.2.0_beta1
  • cpe:2.3:o:kde:kde:3.2.1
  • cpe:2.3:o:kde:kde:3.2.2
  • cpe:2.3:o:kde:kde:3.2.3
  • cpe:2.3:o:kde:kde:3.2.x
  • cpe:2.3:o:kde:kde:3.3
  • cpe:2.3:o:kde:kde:3.3.0
  • cpe:2.3:o:kde:kde:3.3.1
  • cpe:2.3:o:kde:kde:3.3.2
  • cpe:2.3:o:kde:kde:3.3.x
  • cpe:2.3:o:kde:kde:3.4
  • cpe:2.3:o:kde:kde:3.4.0
  • cpe:2.3:o:kde:kde:3.4.1
  • cpe:2.3:o:kde:kde:3.4.2
  • cpe:2.3:o:kde:kde:3.5.0
CVSS
Base: 7.5 (as of 23-01-2006 - 10:49)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2006-050.NASL
    description A heap overflow flaw was discovered affecting kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE. An attacker could create a malicious website containing carefully crafted JavaScript code that would trigger this flaw and possibly lead to arbitrary code execution. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0019 to this issue. Users of KDE should upgrade to these updated packages, which contain a backported patch from the KDE security team correcting this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20756
    published 2006-01-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20756
    title Fedora Core 4 : kdelibs-3.5.0-0.4.fc4 (2006-050)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-245-1.NASL
    description Maksim Orlovich discovered that kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, did not sufficiently verify the validity of UTF-8 encoded URIs. Specially crafted URIs could trigger a buffer overflow. By tricking a user into visiting a website with malicious JavaScript code, a remote attacker could exploit this to execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-08-15
    plugin id 20792
    published 2006-01-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20792
    title Ubuntu 5.04 / 5.10 : kdelibs vulnerability (USN-245-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SA_2006_003.NASL
    description The remote host is missing the patch for the advisory SUSE-SA:2006:003 (kdelibs3). Maksim Orlovich discovered a bug in the JavaScript interpreter used by Konqueror. UTF-8 encoded URLs could lead to a buffer overflow that causes the browser to crash or execute arbitrary code. Attackers could trick users into visiting specially crafted web sites that exploit this bug (CVE-2006-0019).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20758
    published 2006-01-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20758
    title SUSE-SA:2006:003: kdelibs3
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2006-045-05.NASL
    description New kdelibs packages are available for Slackware 10.0, 10.1, and 10.2 to fix a security issue with kjs.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 20916
    published 2006-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20916
    title Slackware 10.0 / 10.1 / 10.2 : kdelibs (SSA:2006-045-05)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0184.NASL
    description Updated kdelibs packages are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. kdelibs contains libraries for the K Desktop Environment (KDE). A heap overflow flaw was discovered affecting kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE. An attacker could create a malicious website containing carefully crafted JavaScript code that would trigger this flaw and possibly lead to arbitrary code execution. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0019 to this issue. NOTE: this issue does not affect KDE in Red Hat Enterprise Linux 3 or 2.1. Users of KDE should upgrade to these updated packages, which contain a backported patch from the KDE security team correcting this issue as well as two bug fixes.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 20753
    published 2006-01-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20753
    title RHEL 4 : kdelibs (RHSA-2006:0184)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-019.NASL
    description A heap overflow vulnerability was discovered in kjs, the KDE JavaScript interpreter engine. An attacker could create a malicious web site that contained carefully crafted JavaScript code that could trigger the flaw and potentially lead to the arbitrary execution of code as the user visiting the site. The updated packages have been patched to correct this problem.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20797
    published 2006-01-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20797
    title Mandrake Linux Security Advisory : kdelibs (MDKSA-2006:019)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-948.NASL
    description Maksim Orlovich discovered that the kjs JavaScript interpreter, used in the Konqueror web browser and in other parts of KDE, performs insufficient bounds checking when parsing UTF-8 encoded Uniform Resource Identifiers, which may lead to a heap based buffer overflow and the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 22814
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22814
    title Debian DSA-948-1 : kdelibs - buffer overflow
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0184.NASL
    description Updated kdelibs packages are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. kdelibs contains libraries for the K Desktop Environment (KDE). A heap overflow flaw was discovered affecting kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE. An attacker could create a malicious website containing carefully crafted JavaScript code that would trigger this flaw and possibly lead to arbitrary code execution. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0019 to this issue. NOTE: this issue does not affect KDE in Red Hat Enterprise Linux 3 or 2.1. Users of KDE should upgrade to these updated packages, which contain a backported patch from the KDE security team correcting this issue as well as two bug fixes.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21981
    published 2006-07-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21981
    title CentOS 4 : kdelibs (CESA-2006:0184)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200601-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-200601-11 (KDE kjs: URI heap overflow vulnerability) Maksim Orlovich discovered an incorrect bounds check in kjs when handling URIs. Impact : By enticing a user to load a specially crafted webpage containing malicious JavaScript, an attacker could execute arbitrary code with the rights of the user running kjs. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 20798
    published 2006-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20798
    title GLSA-200601-11 : KDE kjs: URI heap overflow vulnerability
oval via4
accepted 2013-04-29T04:16:00.303-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
family unix
id oval:org.mitre.oval:def:11858
status accepted
submitted 2010-07-09T03:56:16-04:00
title Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
version 23
redhat via4
advisories
bugzilla
id 178072
title pwMutex destroy failure: Device or resource busy
oval
AND
comment Red Hat Enterprise Linux 4 is installed
oval oval:com.redhat.rhsa:tst:20060016001
rhsa
id RHSA-2006:0184
released 2006-01-19
severity Critical
title RHSA-2006:0184: kdelibs security update (Critical)
refmap via4
bid 16325
bugtraq 20060119 [KDE Security Advisory] kjs encodeuri/decodeuri heap overflow
confirm
debian DSA-948
fedora FLSA:178606
gentoo GLSA-200601-11
mandriva MDKSA-2006:019
osvdb 22659
sectrack 1015512
secunia
  • 18500
  • 18540
  • 18552
  • 18559
  • 18561
  • 18570
  • 18583
  • 18899
slackware SSA:2006-045-05
sreason 364
suse SUSE-SA:2006:003
ubuntu USN-245-1
vupen ADV-2006-0265
xf kde-kjs-bo(24242)
Last major update 07-03-2011 - 21:29
Published 20-01-2006 - 16:03
Last modified 19-10-2018 - 11:42