Scientific Linux Security Update : qt on SL5.x, SL4.x, SL3.x i386/x86_64
Severity: High
Nessus Plugin ID: 60250
Synopsis
The remote Scientific Linux host is missing one or more security updates.
Description
A flaw was found in the way Qt expanded certain UTF-8 characters. It was possible to prevent a Qt-based application from properly sanitizing user-supplied input. This could, for example, result in a cross-site scripting attack against the Konqueror web browser.
A buffer overflow flaw was found in the way Qt expanded malformed Unicode strings. If an application linked against Qt parsed a malicious Unicode string, it could lead to a denial of service or possibly allow the execution of arbitrary code. (CVE-2007-4137)
Solution
Update the affected packages.