| Revision Date: | 2006-01-19 | Version: | 644 |
| Title: | RHSA-2006:0184: kdelibs security update (Critical) |
| Description: | kdelibs contains libraries for the K Desktop Environment (KDE).
A heap overflow flaw was discovered affecting kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE. An attacker could create a malicious web site containing carefully crafted JavaScript code that would trigger this flaw and possibly lead to arbitrary code execution. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0019 to this issue.
NOTE: this issue does not affect KDE in Red Hat Enterprise Linux 3 or 2.1.
Users of KDE should upgrade to these updated packages, which contain a backported patch from the KDE security team correcting this issue as well as two bug fixes.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2006-0019
RHSA-2006:0184
RHSA-2006:0184-01
RHSA-2006:0184-01
|
| Platform(s): | Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Red Hat Enterprise Linux must be installed OR Package Information
Red Hat Enterprise Linux 4 is installed
AND
kdelibs is earlier than 6:3.3.1-3.14
AND kdelibs is signed with Red Hat redhatrelease2 key
kdelibs-devel is earlier than 6:3.3.1-3.14
AND kdelibs-devel is signed with Red Hat redhatrelease2 key
|