Language Selection

English French German Italian Portuguese Spanish

KDE kdelibs PCX Image Buffer Overflow Vulnerability

Filed under
KDE
Security

Highly Critical

Description:
Bruno Rohee has reported a vulnerability in KDE kdelibs, which potentially can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error in the kimgio component when processing PCX image files. This may be exploited via a specially crafted image file to execute arbitrary code via an application linked against the vulnerable library.

The vulnerability has been reported in KDE 3.4.0. Other version may also be affected.

Solution:
Do not open untrusted images in applications linked against the vulnerable library.

Source

More in Tux Machines

Bad Saved Games, Fedora Scheduling, and Scribbling

In tonight's Linux news, GamingOnLinux.com poster says "game saves are messing up our drives" - stop it! Phoronix.com is reporting on discussions of changing Fedora release schedule. Jack Germain says Scribbleton creates a personal local wiki to store anything from notes to books and Opera 25 draws near. Read more

Musique for Linux Review – A Minimalistic Player for You and Your Music

Musique is a minimalistic music player for the Linux platform that features a simple and clean interface. It's not like there is a lack of open source music players, so we've decided to see if this one is any good. Read more

CentOS 5.11 Officially Released, Probably the Last One in the Series

As you all know already, CentOS is an Enterprise-class Linux Distribution derived from sources provided by Red Hat. This is the eleventh update for the distribution and probably the last one. It features all the packages from all variants, including Server and Client, and the upstream repositories have been merged into a single one. Red Hat announced less than a month ago the release of their last update for Red Hat Enterprise Linux, 5.11. It stands to reason that CentOS 5.11 will also be the last update in the series. Read more

England's Healthwatch switches to open source CRM

England's Healthwatch organisations are now using CiviCRM, an open source solution for customer relationship management. "Open source affords access to a wide community of developers, which means that the software continues to develop and security updates and bug fixes are regularly rolled out", explains Tim Schofield, the organisation's interim systems manager. Read more