CVSS2

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | PARTIAL |

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score
Confidence: Low

EPSS
Percentile: 95.3%

Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.
Vendor | Product | Version | CPE |
---|---|---|---|
qt | qt | 3.3.0 | cpe:2.3:a:qt:qt:3.3.0:*:*:*:*:*:*:* |
qt | qt | 3.3.1 | cpe:2.3:a:qt:qt:3.3.1:*:*:*:*:*:*:* |
qt | qt | 3.3.2 | cpe:2.3:a:qt:qt:3.3.2:*:*:*:*:*:*:* |
qt | qt | 3.3.3 | cpe:2.3:a:qt:qt:3.3.3:*:*:*:*:*:*:* |
qt | qt | 3.3.4 | cpe:2.3:a:qt:qt:3.3.4:*:*:*:*:*:*:* |
qt | qt | 3.3.5 | cpe:2.3:a:qt:qt:3.3.5:*:*:*:*:*:*:* |
qt | qt | 3.3.6 | cpe:2.3:a:qt:qt:3.3.6:*:*:*:*:*:*:* |
qt | qt | 4.1.0 | cpe:2.3:a:qt:qt:4.1.0:*:*:*:*:*:*:* |
qt | qt | 4.1.1 | cpe:2.3:a:qt:qt:4.1.1:*:*:*:*:*:*:* |
qt | qt | 4.1.2 | cpe:2.3:a:qt:qt:4.1.2:*:*:*:*:*:*:* |
ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742
lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html
secunia.com/advisories/22380
secunia.com/advisories/22397
secunia.com/advisories/22479
secunia.com/advisories/22485
secunia.com/advisories/22492
secunia.com/advisories/22520
secunia.com/advisories/22579
secunia.com/advisories/22586
secunia.com/advisories/22589
secunia.com/advisories/22645
secunia.com/advisories/22738
secunia.com/advisories/22890
secunia.com/advisories/22929
secunia.com/advisories/24347
security.gentoo.org/glsa/glsa-200611-02.xml
security.gentoo.org/glsa/glsa-200703-06.xml
securitytracker.com/id?1017084
slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.483634
www.mandriva.com/security/advisories?name=MDKSA-2006:186
www.mandriva.com/security/advisories?name=MDKSA-2006:187
www.redhat.com/support/errata/RHSA-2006-0720.html
www.redhat.com/support/errata/RHSA-2006-0725.html
www.securityfocus.com/archive/1/449173/100/0/threaded
www.securityfocus.com/bid/20599
www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733
www.ubuntu.com/usn/usn-368-1
www.us.debian.org/security/2006/dsa-1200
www.vupen.com/english/advisories/2006/4099
issues.rpath.com/browse/RPL-723
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218