Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2006-4811

Published: 18/10/2006 Updated: 16/06/2021
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Qt

Vulnerability Summary

Integer overflow in Qt 3.3 prior to 3.3.7, 4.1 prior to 4.1.5, and 4.2 prior to 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qt qt 3.3.5

qt qt 3.3.6

qt qt 3.3.3

qt qt 3.3.4

qt qt 4.1.0

qt qt 4.2.0

qt qt 3.3.1

qt qt 3.3.2

qt qt 4.1.2

qt qt 4.1.1

redhat kdelibs 3.1.3

qt qt 3.3.0

qt qt 4.1.4

qt qt 4.1.3

Vendor Advisories

Debian CVElist Bug Report Logs: Security: integer overflow in pixmap handling (CVE-2006-4811)
Debian Bug report logs - #394192 Security: integer overflow in pixmap handling (CVE-2006-4811) Package: libqt4-core; Maintainer for libqt4-core is Debian Qt/KDE Maintainers <debian-qt-kde@listsdebianorg>; Source for libqt4-core is src:qt4-x11 (PTS, buildd, popcon) Reported by: "debian-bts@spamblocknetzgehirnde" <debi ...
Ubuntu Security Notice: qt-x11-free vulnerability
An integer overflow was discovered in Qt’s image loader By processing a specially crafted image with an application that uses this library (like Konqueror), a remote attacker could exploit this to execute arbitrary code with the application’s privileges ...
Debian Security Advisories: DSA-1200-1 qt-x11-free -- integer overflow
An integer overflow has been found in the pixmap handling routines in the Qt GUI libraries This could allow an attacker to cause a denial of service and possibly execute arbitrary code by providing a specially crafted image file and inducing the victim to view it in an application based on Qt For the stable distribution (sarge), this problem has ...

References

CWE-189http://www.redhat.com/support/errata/RHSA-2006-0720.htmlhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742http://www.securityfocus.com/bid/20599http://secunia.com/advisories/22479http://secunia.com/advisories/22485http://secunia.com/advisories/22492http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733http://www.ubuntu.com/usn/usn-368-1http://secunia.com/advisories/22380http://secunia.com/advisories/22520http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.483634http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.htmlhttp://securitytracker.com/id?1017084http://secunia.com/advisories/22397http://secunia.com/advisories/22579http://secunia.com/advisories/22589http://www.us.debian.org/security/2006/dsa-1200http://secunia.com/advisories/22645https://issues.rpath.com/browse/RPL-723http://security.gentoo.org/glsa/glsa-200611-02.xmlhttp://www.redhat.com/support/errata/RHSA-2006-0725.htmlhttp://secunia.com/advisories/22586http://secunia.com/advisories/22738ftp://patches.sgi.com/support/free/security/advisories/20061002-01-Pftp://patches.sgi.com/support/free/security/advisories/20061101-01-Phttp://secunia.com/advisories/22890http://secunia.com/advisories/22929http://security.gentoo.org/glsa/glsa-200703-06.xmlhttp://secunia.com/advisories/24347http://www.mandriva.com/security/advisories?name=MDKSA-2006:186http://www.mandriva.com/security/advisories?name=MDKSA-2006:187http://www.vupen.com/english/advisories/2006/4099https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218http://www.securityfocus.com/archive/1/449173/100/0/threadedhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394192https://usn.ubuntu.com/368-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654CVE-2023-49606encryptionNULL pointer dereferenceCVE-2024-4439CVE-2024-4649race conditionCVE-2024-27202CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook