Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2004:085: qt3

Vulnerability Assessment Details

MDKSA-2004:085: qt3

Vulnerability Assessment Summary
Check for the version of the qt3 package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory MDKSA-2004:085 (qt3).

Chris Evans discovered a heap-based overflow in the QT library when handling
8-bit RLE encoded BMP files. This vulnerability could permit for the compromise
of the account used to view or browse malicious BMP files. On subsequent
investigation, it was also found that the handlers for XPM, GIF, and JPEG image
types were also faulty.
These problems affect all applications that use QT to handle image files, such
as QT-based image viewers, the Konqueror web browser, and others.
The updated packages have been patched to correct these problems.

Solution :
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors


No Discussions have been posted on this vulnerability.