CVE-2006-4811: Integer Overflow
First published: Wed Oct 18 2006(Updated: )
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qt Qt | =3.3.0 | |
| Qt Qt | =3.3.1 | |
| Qt Qt | =3.3.2 | |
| Qt Qt | =3.3.3 | |
| Qt Qt | =3.3.4 | |
| Qt Qt | =3.3.5 | |
| Qt Qt | =3.3.6 | |
| Qt Qt | =4.1.0 | |
| Qt Qt | =4.1.1 | |
| Qt Qt | =4.1.2 | |
| Qt Qt | =4.1.3 | |
| Qt Qt | =4.1.4 | |
| Qt Qt | =4.2.0 | |
| Redhat Kdelibs | =3.1.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742
- http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html
- http://secunia.com/advisories/22380
- http://secunia.com/advisories/22397
- http://secunia.com/advisories/22479
- http://secunia.com/advisories/22485
- http://secunia.com/advisories/22492
- http://secunia.com/advisories/22520
- http://secunia.com/advisories/22579
- http://secunia.com/advisories/22586
- http://secunia.com/advisories/22589
- http://secunia.com/advisories/22645
- http://secunia.com/advisories/22738
- http://secunia.com/advisories/22890
- http://secunia.com/advisories/22929
- http://secunia.com/advisories/24347
- http://security.gentoo.org/glsa/glsa-200611-02.xml
- http://security.gentoo.org/glsa/glsa-200703-06.xml
- http://securitytracker.com/id?1017084
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.483634
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:186
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:187
- http://www.redhat.com/support/errata/RHSA-2006-0720.html
- http://www.redhat.com/support/errata/RHSA-2006-0725.html
- http://www.securityfocus.com/archive/1/449173/100/0/threaded
- http://www.securityfocus.com/bid/20599
- http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733
- http://www.ubuntu.com/usn/usn-368-1
- http://www.us.debian.org/security/2006/dsa-1200
- http://www.vupen.com/english/advisories/2006/4099
- https://issues.rpath.com/browse/RPL-723
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218
- collector/nvd-index
- collector/nvd-historical
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/qt
- canonical/qt qt
- version/qt qt/3.3.0
- version/qt qt/3.3.1
- version/qt qt/3.3.2
- version/qt qt/3.3.3
- version/qt qt/3.3.4
- version/qt qt/3.3.5
- version/qt qt/3.3.6
- version/qt qt/4.1.0
- version/qt qt/4.1.1
- version/qt qt/4.1.2
- version/qt qt/4.1.3
- version/qt qt/4.1.4
- version/qt qt/4.2.0
- vendor/redhat
- canonical/redhat kdelibs
- version/redhat kdelibs/3.1.3