Mandrake Linux Security Advisory : qt (MDKSA-2007:183)

This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A buffer overflow was found in how Qt expanded malformed Unicode
strings. If an application linked against Qt parsed a malicious
Unicode string, it could lead to a denial of service or potentially
allow for the execution of arbitrary code.

Updated packages have been patched to prevent this issue. Although the
problem is not exploitable in Qt4, patched packages have been issued
regardless.

See also :

http://www.nessus.org/u?6fbb01c0

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Mandriva Local Security Checks

Nessus Plugin ID: 26049 (mandrake_MDKSA-2007-183.nasl)

Bugtraq ID: 25657

CVE ID: CVE-2007-4137

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now