Test ID: 1.3.6.1.4.1.25623.1.0.57618
Category: Mandrake Local Security Checks
Title: Mandrake Security Advisory MDKSA-2006:186 (kdelibs)
Summary: NOSUMMARY
Description:

The remote host is missing an update to kdelibs
announced via advisory MDKSA-2006:186.

A vulnerability was discovered in the way that Qt handled pixmap images,
and the KDE khtml library used Qt in such a way that untrusted
parameters could be passed to Qt, resulting in an integer overflow.
A remote attacker could exploit this flaw through a malicious
website that, when viewed by a user running Konqueror, would cause
Konqueror to crash or possibly execute arbitrary code with the
privileges of the user.

Updated packages have been patched to correct this issue.

Affected: 2007.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:186

Risk factor : High

CVSS Score: 7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-4811
BugTraq ID: 20599
http://www.securityfocus.com/bid/20599
Bugtraq: 20061018 rPSA-2006-0195-1 kdelibs
http://www.securityfocus.com/archive/1/449173/100/0/threaded
Debian Security Information: DSA-1200
http://www.us.debian.org/security/2006/dsa-1200
http://security.gentoo.org/glsa/glsa-200611-02.xml
http://security.gentoo.org/glsa/glsa-200703-06.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:186
http://www.mandriva.com/security/advisories?name=MDKSA-2006:187
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218
http://www.redhat.com/support/errata/RHSA-2006-0720.html
http://www.redhat.com/support/errata/RHSA-2006-0725.html
http://securitytracker.com/id?1017084
http://secunia.com/advisories/22380
http://secunia.com/advisories/22397
http://secunia.com/advisories/22479
http://secunia.com/advisories/22485
http://secunia.com/advisories/22492
http://secunia.com/advisories/22520
http://secunia.com/advisories/22579
http://secunia.com/advisories/22586
http://secunia.com/advisories/22589
http://secunia.com/advisories/22645
http://secunia.com/advisories/22738
http://secunia.com/advisories/22890
http://secunia.com/advisories/22929
http://secunia.com/advisories/24347
SGI Security Advisory: 20061002-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P
SGI Security Advisory: 20061101-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.483634
SuSE Security Announcement: SUSE-SA:2006:063
http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html
http://www.ubuntu.com/usn/usn-368-1
http://www.vupen.com/english/advisories/2006/4099
Copyright: Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com
