CVE-2006-4811

Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.

Affected Software

Name	Vendor	Start Version	End Version
Qt	Qt	3.3.0 (including)	3.3.0 (including)
Qt	Qt	3.3.1 (including)	3.3.1 (including)
Qt	Qt	3.3.2 (including)	3.3.2 (including)
Qt	Qt	3.3.3 (including)	3.3.3 (including)
Qt	Qt	3.3.4 (including)	3.3.4 (including)
Qt	Qt	3.3.5 (including)	3.3.5 (including)
Qt	Qt	3.3.6 (including)	3.3.6 (including)
Qt	Qt	4.1.0 (including)	4.1.0 (including)
Qt	Qt	4.1.1 (including)	4.1.1 (including)
Qt	Qt	4.1.2 (including)	4.1.2 (including)
Qt	Qt	4.1.3 (including)	4.1.3 (including)
Qt	Qt	4.1.4 (including)	4.1.4 (including)
Qt	Qt	4.2.0 (including)	4.2.0 (including)
Kdelibs	Redhat	3.1.3 (including)	3.1.3 (including)
Red Hat Enterprise Linux 2.1	RedHat	kdelibs-6:2.2.2-21.EL2	*
Red Hat Enterprise Linux 2.1	RedHat	qt-1:2.3.1-12.EL2	*
Red Hat Enterprise Linux 3	RedHat	kdelibs-6:3.1.3-6.12	*
Red Hat Enterprise Linux 3	RedHat	qt-1:3.1.2-14.RHEL3	*
Red Hat Enterprise Linux 4	RedHat	kdelibs-6:3.3.1-6.RHEL4	*
Red Hat Enterprise Linux 4	RedHat	qt-1:3.3.3-10.RHEL4	*
Qt-x11-free	Ubuntu	dapper	*
Qt-x11-free	Ubuntu	devel	*
Qt-x11-free	Ubuntu	edgy	*
Qt-x11-free	Ubuntu	feisty	*
Qt4-x11	Ubuntu	dapper	*
Qt4-x11	Ubuntu	devel	*
Qt4-x11	Ubuntu	edgy	*
Qt4-x11	Ubuntu	feisty	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-4811
CWE	https://cwe.mitre.org/data/definitions/189.html

Affected Software

References