Linux vendors have warned of a serious security flaw affecting the KDE desktop environment, one of the two main graphical user interfaces used on Linux and Unix operating systems.
The bug, the worst to hit KDE in nearly a year, affects kjs, a Javascript interpreter used by the Konqueror Web browser and other parts of KDE, KDE developers said in an advisory. An incorrect bounds check in the interpreter allows a heap based buffer overflow when decoding maliciously crafted URI sequences encoded with UTF-8.
http://www.linuxlinks.com/portal/news/article.php?story=20060123133828929