Vulnerability Description
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qt | Qt | 3.3.0 |
| Redhat | Kdelibs | 3.1.3 |
Related Weaknesses (CWE)
References
- ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P
- ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742
- http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html
- http://secunia.com/advisories/22380PatchVendor Advisory
- http://secunia.com/advisories/22397Vendor Advisory
- http://secunia.com/advisories/22479PatchVendor Advisory
- http://secunia.com/advisories/22485PatchVendor Advisory
- http://secunia.com/advisories/22492PatchVendor Advisory
- http://secunia.com/advisories/22520PatchVendor Advisory
- http://secunia.com/advisories/22579Vendor Advisory
- http://secunia.com/advisories/22586Vendor Advisory
- http://secunia.com/advisories/22589Vendor Advisory
- http://secunia.com/advisories/22645Vendor Advisory
- http://secunia.com/advisories/22738Vendor Advisory
FAQ
What is CVE-2006-4811?
CVE-2006-4811 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial...
How severe is CVE-2006-4811?
CVE-2006-4811 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4811?
Check the references section above for vendor advisories and patch information. Affected products include: Qt Qt, Redhat Kdelibs.