Bug 151972 - kde-base/kdelibs integer overflow
Summary: kde-base/kdelibs integer overflow
Status: RESOLVED DUPLICATE of bug 151838
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High critical
Assignee: Gentoo Security
URL: https://rhn.redhat.com/errata/RHSA-20...
Reported: 2006-10-19 09:21 UTC by Sebastian
Modified: 2006-10-19 10:35 UTC

Description Sebastian 2006-10-19 09:21:37 UTC
Hi,

I looked for reports regarding this one but couldn't find any, so here we go.

Red Hat says:

"Updated kdelibs packages that correct an integer overflow flaw are now
available.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

The kdelibs package provides libraries for the K Desktop Environment (KDE).
Qt is a GUI software toolkit for the X Window System.

An integer overflow flaw was found in the way Qt handled pixmap images.
The KDE khtml library uses Qt in such a way that untrusted parameters could
be passed to Qt, triggering the overflow. An attacker could for example
create a malicious web page that when viewed by a victim in the Konqueror
browser would cause Konqueror to crash or possibly execute arbitrary code
with the privileges of the victim. (CVE-2006-4811)

Users of KDE should upgrade to these updated packages, which contain a
backported patch to correct this issue."

Regards
Sebastian
Comment 1 Matt Drew (RETIRED) gentoo-dev 2006-10-19 10:17:23 UTC
Dupe of bug #151838 - that one could use a better name, perhaps.
Comment 2 Jakub Moc (RETIRED) gentoo-dev 2006-10-19 10:35:02 UTC

*** This bug has been marked as a duplicate of 151838 ***