kdelibs contains libraries for the K Desktop Environment (KDE).
A heap overflow flaw was discovered affecting kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE. An attacker could create a malicious web site containing carefully crafted JavaScript code that would trigger this flaw and possibly lead to arbitrary code execution. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0019 to this issue.
NOTE: this issue does not affect KDE in Red Hat Enterprise Linux 3 or 2.1.
Users of KDE should upgrade to these updated packages, which contain a backported patch from the KDE security team correcting this issue as well as two bug fixes.