Maybe this is not security, but only with the KDE folks, but here we go anyway. === Secunia Advisory: SA32208 Release Date: 2008-10-24 Critical: Not critical Impact: DoS Where: From remote Solution Status: Unpatched === Jeremy Brown has discovered a weakness in KDE, which can be exploited by malicious people to cause a DoS (Denial of Service). The weakness is caused due to KHTML improperly handling JavaScript "document.load()" calls targeting the current document. This can be exploited to trigger the use of a deleted object within the "HTMLTokenizer::scriptHandler()" method and cause a crash. The weakness is confirmed with Konqueror using KHTML from KDE versions 3.5.9 and 3.5.10. Other versions may also be affected. NOTE: Secunia normally does not classify a browser crash as a vulnerability nor issue an advisory about it. However, the potential impact of this issue may be more severe than currently believed. Solution: Do not open untrusted HTML documents with applications using KHTML (e.g. Konqueror). ===
reassigning to kde herd b/c it's not a security bug.
since development of kde3 is frozen we can't do anything so closing