Mandrake Linux Security Advisory : qt3 (MDKSA-2004:085)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

Chris Evans discovered a heap-based overflow in the QT library when
handling 8-bit RLE encoded BMP files. This vulnerability could allow
for the compromise of the account used to view or browse malicious BMP
files. On subsequent investigation, it was also found that the
handlers for XPM, GIF, and JPEG image types were also faulty.

These problems affect all applications that use QT to handle image
files, such as QT-based image viewers, the Konqueror web browser, and
others.

The updated packages have been patched to correct these problems.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 14334 (mandrake_MDKSA-2004-085.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0691
CVE-2004-0692
CVE-2004-0693

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now