USN368-1 : Qt vulnerability
|
|
Article ID: 27948
Last updated: 27 Jan, 2009
|
|
|
|
Views: 372
|
|
Posted: 22 Jan, 2009
by: Tech Pubs S.
Updated: 27 Jan, 2009
by: Tech Pubs S.
|
|
USN368-1 : Qt vulnerability |
|
| Ubuntu Security Notice (C) 2007 Canonical, Inc. / NASL script (C) 2007 Tenable Network Security, Inc. |
|
|
| Family | Ubuntu Local Security Checks |
| Plugin ID | 27948 |
| Bugtraq ID |
|
| CVE ID | CVE-2006-4811
|
|
| Description: |
Synopsis :
These remote packages are missing security patches :
- libqt3-compat-headers
- libqt3-dev
- libqt3-headers
- libqt3-i18n
- libqt3-mt
- libqt3-mt-dbg
- libqt3-mt-dev
- libqt3-mt-ibase
- libqt3-mt-mysql
- libqt3-mt-odbc
- libqt3-mt-psql
- libqt3-mt-sqlite
- libqt3c102
- libqt3c102-mt
- libqt3c102-mt-mysql
- libqt3c102-mt-odbc
- libqt3c102-mt-psql
- libqt3c102-mt-sqlite
- libqt3c102-mysql
- libqt3c102-odbc
- libqt3c102-psql
- libqt3c102-sqlite
- qt-x11-free-dbg
- qt3-apps-dev
- qt3-ass
[...]
Description :
An integer overflow was discovered in Qts image loader. By processing
a specially crafted image with an application that uses this library
(like Konqueror), a remote attacker could exploit this to execute
arbitrary code with the applications privileges.
Solution :
Upgrade to :
- libqt3-compat-headers-3.3.6-1ubuntu6.1 (Ubuntu 6.06)
- libqt3-dev-3.3.3-7ubuntu3.1 (Ubuntu 5.04)
- libqt3-headers-3.3.6-1ubuntu6.1 (Ubuntu 6.06)
- libqt3-i18n-3.3.6-1ubuntu6.1 (Ubuntu 6.06)
- libqt3-mt-3.3.6-1ubuntu6.1 (Ubuntu 6.06)
- libqt3-mt-dbg-3.3.4-8ubuntu5.1 (Ubuntu 5.10)
- libqt3-mt-dev-3.3.6-1ubuntu6.1 (Ubuntu 6.06)
- libqt3-mt-ibase-3.3.4-8ubuntu5.1 (Ubuntu 5.10)
- libqt3-mt-mysql-3.3.6-1ubuntu6.1 (Ubuntu 6.06)
- libqt3-mt-odbc-3.3.6-1ubuntu6.1 (Ubuntu 6.06)
- libqt3-mt-psql-3.3.6
[...]
Risk factor : High
|
|
