FreeBSD : qt -- image loader vulnerabilities (ebffe27a-f48c-11d8-9837-000c41e2cdad)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Qt contains several vulnerabilities related to image loading,
including possible crashes when loading corrupt GIF, BMP, or JPEG
images. Most seriously, Chris Evans reports that the BMP crash is
actually due to a heap buffer overflow. It is believed that an
attacker may be able to construct a BMP image that could cause a
Qt-using application to execute arbitrary code when it is loaded.

See also :

http://www.nessus.org/u?9aaee330
http://scary.beasts.org/security/CESA-2004-004.txt
http://www.nessus.org/u?e9cd19b7

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 14340 (freebsd_qt_333.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0691
CVE-2004-0692
CVE-2004-0693

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now