211347 – CVE-2006-4811 qt integer overflow

Bug 211347 - CVE-2006-4811 qt integer overflow

Summary: CVE-2006-4811 qt integer overflow

Keywords:
Status:	CLOSED NEXTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	kdelibs
Sub Component:
Version:	6
Hardware:	All
OS:	Linux
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Assignee:	Than Ngo
QA Contact:
Docs Contact:
URL:
Whiteboard:	impact=critical,source=vendorsec,repo...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-10-18 19:23 UTC by Josh Bressers
Modified:	2007-11-30 22:11 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-11-22 17:22:53 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Josh Bressers 2006-10-18 19:23:13 UTC

+++ This bug was initially created as a clone of Bug #211342 +++

An interger overflow flaw was found in the way qt handles certain pixmax
requests.  This flaw can lead to arbitrary data being written onto the heap,
possibly resulting in arbitrary code execution withing applications using qt
(such as knoqueror and kmail)

-- Additional comment from rdieter.edu on 2006-10-18 15:13 EST --
Isn't this a qt, not a kdelibs, bug?

Comment 1 Rex Dieter 2006-11-22 17:22:53 UTC

qt-3.3.7-0.1 update addressed this.

Note You need to log in before you can comment on or make changes to this bug.