Last weekend, security experts discovered a critical vulnerability in Linux and Unix operating systems, which could allow hackers to conduct remote attacks and gain control of the system.
The vulnerability is located in the widely used open-source software package KDE, as identified by the Security Incident Response Team (SIRT) of France. KDE is a desktop software package for Linux and Unix systems, including the Konqueror web browser and several other common applications.
According to SIRT’s announcement, the vulnerability lies within the JavaScript engine utilized by the Konqueror web browser and other components of KDE. Attackers can spoof a URI string encoded with UTF-8 to exploit this vulnerability.
To succeed, hackers must trick users into visiting malicious websites they create (using the Konqueror browser). The affected versions include KDE from 3.2.0 to 3.5.0.
