CVE-2006-4811

CWE-189 | 6 documents | 6 sources
Severity: 6.8 MEDIUM
EPSS: 17.4% (top 4.93%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline: Published Oct 18, latest update May 3

Description

Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.

CVSS vector

AV:N/AC:M/C:P/I:P/A:P
Exploitability: 8.6 | Impact: 6.4

Affected Packages: 2 packages

NVD: redhat/kdelibs 3.1.3
NVD: qt/qt (13 versions, +12)

Patches

🔴Vulnerability Details

2
GHSA
GHSA-55vc-fmpc-5q9q: Integer overflow in Qt 3 (2022-05-03)
CVEList
CVE-2006-4811: Integer overflow in Qt 3 (2006-10-18)

📋Vendor Advisories

2
Ubuntu
Qt vulnerability (2006-10-24)
Red Hat
security flaw (2006-10-13)

💬Community

1
Bugzilla
CVE-2006-4811 security flaw (2018-08-16)