Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qt | Qt | 3.3.0 (including) | 3.3.0 (including) |
| Qt | Qt | 3.3.1 (including) | 3.3.1 (including) |
| Qt | Qt | 3.3.2 (including) | 3.3.2 (including) |
| Qt | Qt | 3.3.3 (including) | 3.3.3 (including) |
| Qt | Qt | 3.3.4 (including) | 3.3.4 (including) |
| Qt | Qt | 3.3.5 (including) | 3.3.5 (including) |
| Qt | Qt | 3.3.6 (including) | 3.3.6 (including) |
| Qt | Qt | 4.1.0 (including) | 4.1.0 (including) |
| Qt | Qt | 4.1.1 (including) | 4.1.1 (including) |
| Qt | Qt | 4.1.2 (including) | 4.1.2 (including) |
| Qt | Qt | 4.1.3 (including) | 4.1.3 (including) |
| Qt | Qt | 4.1.4 (including) | 4.1.4 (including) |
| Qt | Qt | 4.2.0 (including) | 4.2.0 (including) |
| Kdelibs | Redhat | 3.1.3 (including) | 3.1.3 (including) |
| Red Hat Enterprise Linux 2.1 | RedHat | kdelibs-6:2.2.2-21.EL2 | * |
| Red Hat Enterprise Linux 2.1 | RedHat | qt-1:2.3.1-12.EL2 | * |
| Red Hat Enterprise Linux 3 | RedHat | kdelibs-6:3.1.3-6.12 | * |
| Red Hat Enterprise Linux 3 | RedHat | qt-1:3.1.2-14.RHEL3 | * |
| Red Hat Enterprise Linux 4 | RedHat | kdelibs-6:3.3.1-6.RHEL4 | * |
| Red Hat Enterprise Linux 4 | RedHat | qt-1:3.3.3-10.RHEL4 | * |
| Qt-x11-free | Ubuntu | dapper | * |
| Qt-x11-free | Ubuntu | devel | * |
| Qt-x11-free | Ubuntu | edgy | * |
| Qt-x11-free | Ubuntu | feisty | * |
| Qt4-x11 | Ubuntu | dapper | * |
| Qt4-x11 | Ubuntu | devel | * |
| Qt4-x11 | Ubuntu | edgy | * |
| Qt4-x11 | Ubuntu | feisty | * |