KDE kdelibs PCX Image Buffer Overflow Vulnerability

Highly Critical

Description:
Bruno Rohee has reported a vulnerability in KDE kdelibs, which can potentially be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused by an error in the kimgio component when processing PCX image files. A specially crafted image file may exploit this to execute arbitrary code through any application linked against the vulnerable library.

The vulnerability has been reported in KDE 3.4.0. Other versions may also be affected.

Solution:
Do not open untrusted images in applications linked against the vulnerable library.
