CVE-2006-4811 Information

Description

Integer overflow in Qt 3.3 before 3.3.7 4.1 before 4.1.5 and 4.2 before 4.2.1 as used in the KDE khtml library kdelibs 3.1.3 and possibly other packages allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.

Reference

ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742 http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html http://secunia.com/advisories/22380 http://secunia.com/advisories/22397 http://secunia.com/advisories/22479 http://secunia.com/advisories/22485 http://secunia.com/advisories/22492 http://secunia.com/advisories/22520 http://secunia.com/advisories/22579 http://secunia.com/advisories/22586 http://secunia.com/advisories/22589 http://secunia.com/advisories/22645 http://secunia.com/advisories/22738 http://secunia.com/advisories/22890 http://secunia.com/advisories/22929 http://secunia.com/advisories/24347 http://security.gentoo.org/glsa/glsa-200611-02.xml http://security.gentoo.org/glsa/glsa-200703-06.xml http://securitytracker.com/id?1017084 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.483634 http://www.mandriva.com/security/advisories?name=MDKSA-2006:186 http://www.mandriva.com/security/advisories?name=MDKSA-2006:187 http://www.redhat.com/support/errata/RHSA-2006-0720.html http://www.redhat.com/support/errata/RHSA-2006-0725.html http://www.securityfocus.com/archive/1/449173/100/0/threaded http://www.securityfocus.com/bid/20599 http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733 http://www.ubuntu.com/usn/usn-368-1 http://www.us.debian.org/security/2006/dsa-1200 http://www.vupen.com/english/advisories/2006/4099 https://issues.rpath.com/browse/RPL-723 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10218