"One bug to rule them all" vulnerability in KJS?
Jacob Welsh
jwelsh at eemta.org
Fri Jul 17 06:34:24 BST 2009
Confirmed using http://www.g-sec.lu/crash/select.html. Konqueror memory usage
climbed to over 1GB in a few seconds, at which point I killed it not wanting
to go through swap/OOM.
-Jacob Welsh
On Friday 17 July 2009 00:21:03 Michael Pyne wrote:
> There is a flaw provocatively labeled "One bug to rule them all" at this
> link: http://www.g-sec.lu/one-bug-to-rule-them-all.html
>
> The author claims to have contacted KDE regarding Konqueror and received
> no response. The bug itself is a unconstrained memory allocation using
> the select() JavaScript function (or something like that). I have not
> tested the vulnerability since I have to be up in about 6 hours to
> checkout of this hotel and hit the road again. :-/
>
> This is sent from my webmail and I haven't had time to check the mailing
> lists, I apologize if this is a dupe. If not we may want to investigate
> this since it's now publicly disclosed.
>
> Regards,
> - Michael Pyne
More information about the kde-core-devel
mailing list