|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200703-06] AMD64 x86 emulation Qt library: Integer overflow Vulnerability Scan
Vulnerability Scan Summary AMD64 x86 emulation Qt library: Integer overflow
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200703-06
(AMD64 x86 emulation Qt library: Integer overflow)
An integer overflow flaw has been found in the pixmap handling of Qt,
making the AMD64 x86 emulation Qt library vulnerable as well.
Impact
By enticing a user to open a specially crafted pixmap image in an
application using the AMD64 x86 emulation Qt library, a remote attacker
could cause an application crash or the remote execution of arbitrary
code with the rights of the user running the application.
Workaround
There is no known workaround at this time.
References:
http://www.gentoo.org/security/en/glsa/glsa-200611-02.xml
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811
Solution:
All AMD64 x86 emulation Qt library users should upgrade to the latest
version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/emul-linux-x86-qtlibs-10.0"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|