CVE-2006-4811

Severity

68%

Complexity

86%

Confidentiality

106%

Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.

Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

Type

Digia Qt

First reported 18 years ago

2006-10-18 17:07:00

Last updated 6 years ago

2018-10-17 21:39:00

Affected Software

Digia Qt 3.3.0

3.3.0

Digia Qt 3.3.1

3.3.1

Digia Qt 3.3.2

3.3.2

Digia Qt 3.3.3

3.3.3

Digia Qt 3.3.4

3.3.4

Digia Qt 3.3.5

3.3.5

Digia Qt 3.3.6

3.3.6

Digia Qt 4.1.0

4.1.0

Digia Qt 4.1.1

4.1.1

Digia Qt 4.1.2

4.1.2

Digia Qt 4.1.3

4.1.3

Digia Qt 4.1.4

4.1.4

Digia Qt 4.2.0

4.2.0

References

20061002-01-P

20061101-01-P

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742

SUSE-SA:2006:063

22380

Patch, Vendor Advisory

22397

Vendor Advisory

22479

Patch, Vendor Advisory

22485

Patch, Vendor Advisory

22492

Patch, Vendor Advisory

22520

Patch, Vendor Advisory

22579

Vendor Advisory

22586

Vendor Advisory

22589

Vendor Advisory

22645

Vendor Advisory

22738

Vendor Advisory

22890

Vendor Advisory

22929

Vendor Advisory

24347

Vendor Advisory

GLSA-200611-02

GLSA-200703-06

1017084

SSA:2006-298-01

MDKSA-2006:186

MDKSA-2006:187

RHSA-2006:0720

Patch, Vendor Advisory

RHSA-2006:0725

Vendor Advisory

20061018 rPSA-2006-0195-1 kdelibs

20599

http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733

USN-368-1

Patch

DSA-1200

ADV-2006-4099

Vendor Advisory

https://issues.rpath.com/browse/RPL-723

oval:org.mitre.oval:def:10218

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.