CVE-2006-4811

{"id": "CVE-2006-4811", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2006-10-18T17:07:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P", "source": "secalert@redhat.com"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P", "source": "secalert@redhat.com"}, {"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742", "source": "secalert@redhat.com"}, {"url": "http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22380", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22397", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22479", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22485", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22492", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22520", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22579", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22586", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22589", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22645", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22738", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22890", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22929", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/24347", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-200611-02.xml", "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-200703-06.xml", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1017084", "source": "secalert@redhat.com"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.483634", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:186", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:187", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0720.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0725.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/449173/100/0/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/20599", "source": "secalert@redhat.com"}, {"url": "http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-368-1", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://www.us.debian.org/security/2006/dsa-1200", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2006/4099", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://issues.rpath.com/browse/RPL-723", "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-189"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image."}, {"lang": "es", "value": "El desbordamiento de enteros en el Qt 3.3 versiones anteriores a 3.3.7, 4.1 anteriores a 4.1.5, y 4.2 anteriores a 4.2.1, como el usado en la librer\u00eda KDE khtml, kdelibs 3.1.3, y, posiblemente otros paquetes, permite a los atacantes remotos causar la denegaci\u00f3n de servicio (ca\u00edda) y la posibilidad de ejecutar c\u00f3digo de su elecci\u00f3n mediante una imagen pixmap manipulada."}], "lastModified": "2021-06-16T12:43:08.567", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:qt:qt:3.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52D26BBF-106F-48C8-9D57-CF080486DB64"}, {"criteria": "cpe:2.3:a:qt:qt:3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "026716CE-6BA5-4FC4-8BD3-BF5430DEBE99"}, {"criteria": "cpe:2.3:a:qt:qt:3.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52BF63BD-E6FA-49AA-9627-7EDAD7939531"}, {"criteria": "cpe:2.3:a:qt:qt:3.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27EBEAE0-C1DF-46E4-9E2A-B333912A4950"}, {"criteria": "cpe:2.3:a:qt:qt:3.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BCDBB15-4E26-48F0-A266-CA059CFEE596"}, {"criteria": "cpe:2.3:a:qt:qt:3.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A07F27DC-47A4-4EF2-91CC-81863D015B3A"}, {"criteria": "cpe:2.3:a:qt:qt:3.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58E53D3A-665D-4EEE-82EF-4EDBD194B475"}, {"criteria": "cpe:2.3:a:qt:qt:4.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A38B91E-698F-4638-BC3B-BD02F3313B70"}, {"criteria": "cpe:2.3:a:qt:qt:4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7629BAB0-5077-4B82-9F11-B228E8EAFA17"}, {"criteria": "cpe:2.3:a:qt:qt:4.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76366D45-3604-49D1-BD97-8A9FACEA2171"}, {"criteria": "cpe:2.3:a:qt:qt:4.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEEF60A1-5FF0-465F-A872-62F80899F870"}, {"criteria": "cpe:2.3:a:qt:qt:4.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D5386EE-376B-4773-8687-5314BFF35E41"}, {"criteria": "cpe:2.3:a:qt:qt:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3AC6465-B459-410E-A5C5-EBFF5C866009"}, {"criteria": "cpe:2.3:a:redhat:kdelibs:3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A5C548D-9A33-431C-9022-512B4B2DEC0D"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secalert@redhat.com"}