|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200611-02] Qt: Integer overflow Vulnerability Scan
Vulnerability Scan Summary Qt: Integer overflow
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200611-02
(Qt: Integer overflow)
An integer overflow flaw has been found in the pixmap handling of Qt.
Impact
By enticing a user to open a specially crafted pixmap image in an
application using Qt, e.g. Konqueror, a remote attacker could be able
to cause an application crash or the execution of arbitrary code with
the rights of the user running the application.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811
Solution:
All Qt 3.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/qt-3.3.6-r4"
All Qt 4.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/qt-4.1.4-r2"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|