kdelibs -- integer overflow in khtml

2006-10-14T00:00:00
ID D8FBF13A-6215-11DB-A59E-0211D85F11FB
Type freebsd
Reporter FreeBSD
Modified 2006-10-14T00:00:00

Description

Red Hat reports:

An integer overflow flaw was found in the way Qt handled pixmap images. The KDE khtml library uses Qt in such a way that untrusted parameters could be passed to Qt, triggering the overflow. An attacker could for example create a malicious web page that when viewed by a victim in the Konqueror browser would cause Konqueror to crash or possibly execute arbitrary code with the privileges of the victim.