ID CVE-2006-4811
Summary Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.
References
Vulnerable Configurations
  • cpe:2.3:a:digia:qt:3.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:3.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:3.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:3.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:3.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:3.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:3.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:3.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:3.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:3.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:3.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:3.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:4.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:4.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:4.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:4.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:4.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:4.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:4.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:4.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:4.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:digia:qt:4.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:digia:qt:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:kdelibs:3.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:kdelibs:3.1.3:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 17-10-2018 - 21:39)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
accepted 2013-04-29T04:03:39.226-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.
family unix
id oval:org.mitre.oval:def:10218
status accepted
submitted 2010-07-09T03:56:16-04:00
title Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.
version 24
redhat via4
advisories
  • bugzilla
    id 210742
    title CVE-2006-4811 qt integer overflow
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhba:tst:20070026001
      • OR
        • AND
          • comment kdelibs is earlier than 6:3.1.3-6.12
            oval oval:com.redhat.rhsa:tst:20060720002
          • comment kdelibs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060720003
        • AND
          • comment kdelibs-devel is earlier than 6:3.1.3-6.12
            oval oval:com.redhat.rhsa:tst:20060720004
          • comment kdelibs-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060720005
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • OR
        • AND
          • comment kdelibs is earlier than 6:3.3.1-6.RHEL4
            oval oval:com.redhat.rhsa:tst:20060720007
          • comment kdelibs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060720003
        • AND
          • comment kdelibs-devel is earlier than 6:3.3.1-6.RHEL4
            oval oval:com.redhat.rhsa:tst:20060720008
          • comment kdelibs-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060720005
    rhsa
    id RHSA-2006:0720
    released 2006-10-18
    severity Critical
    title RHSA-2006:0720: kdelibs security update (Critical)
  • bugzilla
    id 211829
    title CVE-2006-4811 qt integer overflow
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhba:tst:20070026001
      • OR
        • AND
          • comment qt is earlier than 1:3.1.2-14.RHEL3
            oval oval:com.redhat.rhsa:tst:20060725002
          • comment qt is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725003
        • AND
          • comment qt-MySQL is earlier than 1:3.1.2-14.RHEL3
            oval oval:com.redhat.rhsa:tst:20060725004
          • comment qt-MySQL is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725005
        • AND
          • comment qt-ODBC is earlier than 1:3.1.2-14.RHEL3
            oval oval:com.redhat.rhsa:tst:20060725012
          • comment qt-ODBC is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725013
        • AND
          • comment qt-config is earlier than 1:3.1.2-14.RHEL3
            oval oval:com.redhat.rhsa:tst:20060725008
          • comment qt-config is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725009
        • AND
          • comment qt-designer is earlier than 1:3.1.2-14.RHEL3
            oval oval:com.redhat.rhsa:tst:20060725006
          • comment qt-designer is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725007
        • AND
          • comment qt-devel is earlier than 1:3.1.2-14.RHEL3
            oval oval:com.redhat.rhsa:tst:20060725010
          • comment qt-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725011
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • OR
        • AND
          • comment qt is earlier than 1:3.3.3-10.RHEL4
            oval oval:com.redhat.rhsa:tst:20060725015
          • comment qt is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725003
        • AND
          • comment qt-MySQL is earlier than 1:3.3.3-10.RHEL4
            oval oval:com.redhat.rhsa:tst:20060725021
          • comment qt-MySQL is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725005
        • AND
          • comment qt-ODBC is earlier than 1:3.3.3-10.RHEL4
            oval oval:com.redhat.rhsa:tst:20060725020
          • comment qt-ODBC is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725013
        • AND
          • comment qt-PostgreSQL is earlier than 1:3.3.3-10.RHEL4
            oval oval:com.redhat.rhsa:tst:20060725016
          • comment qt-PostgreSQL is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725017
        • AND
          • comment qt-config is earlier than 1:3.3.3-10.RHEL4
            oval oval:com.redhat.rhsa:tst:20060725022
          • comment qt-config is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725009
        • AND
          • comment qt-designer is earlier than 1:3.3.3-10.RHEL4
            oval oval:com.redhat.rhsa:tst:20060725018
          • comment qt-designer is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725007
        • AND
          • comment qt-devel is earlier than 1:3.3.3-10.RHEL4
            oval oval:com.redhat.rhsa:tst:20060725019
          • comment qt-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060725011
    rhsa
    id RHSA-2006:0725
    released 2006-11-01
    severity Moderate
    title RHSA-2006:0725: qt security update (Moderate)
rpms
  • kdelibs-6:3.1.3-6.12
  • kdelibs-devel-6:3.1.3-6.12
  • kdelibs-6:3.3.1-6.RHEL4
  • kdelibs-devel-6:3.3.1-6.RHEL4
  • qt-1:3.1.2-14.RHEL3
  • qt-MySQL-1:3.1.2-14.RHEL3
  • qt-ODBC-1:3.1.2-14.RHEL3
  • qt-config-1:3.1.2-14.RHEL3
  • qt-designer-1:3.1.2-14.RHEL3
  • qt-devel-1:3.1.2-14.RHEL3
  • qt-1:3.3.3-10.RHEL4
  • qt-MySQL-1:3.3.3-10.RHEL4
  • qt-ODBC-1:3.3.3-10.RHEL4
  • qt-PostgreSQL-1:3.3.3-10.RHEL4
  • qt-config-1:3.3.3-10.RHEL4
  • qt-designer-1:3.3.3-10.RHEL4
  • qt-devel-1:3.3.3-10.RHEL4
refmap via4
bid 20599
bugtraq 20061018 rPSA-2006-0195-1 kdelibs
confirm
debian DSA-1200
gentoo
  • GLSA-200611-02
  • GLSA-200703-06
mandriva
  • MDKSA-2006:186
  • MDKSA-2006:187
sectrack 1017084
secunia
  • 22380
  • 22397
  • 22479
  • 22485
  • 22492
  • 22520
  • 22579
  • 22586
  • 22589
  • 22645
  • 22738
  • 22890
  • 22929
  • 24347
sgi
  • 20061002-01-P
  • 20061101-01-P
slackware SSA:2006-298-01
suse SUSE-SA:2006:063
ubuntu USN-368-1
vupen ADV-2006-4099
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 17-10-2018 - 21:39
Published 18-10-2006 - 17:07
Back to Top