SUSE-SA:2006:063: Qt

2007-02-18T00:00:00
ID SUSE_SA_2006_063.NASL
Type nessus
Reporter Tenable
Modified 2007-02-18T00:00:00

Description

The remote host is missing the patch for the advisory SUSE-SA:2006:063 (Qt).

Multiple integer overflows have been found in image processing functions within the Qt class library, used for instance by the web browser 'konqueror' and its rendering engine 'khtml'.

These problems could potentially lead to heap overflows and code execution or just a browser crash (denial of service).

This problem has the Mitre CVE ID CVE-2006-4811.

                                        
                                            #%NASL_MIN_LEVEL 70103

#
# (C) Tenable Network Security, Inc.
#
# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2006:063
#


if ( ! defined_func("bn_random") ) exit(0);

include("compat.inc");

if(description)
{
 script_id(24441);
 script_version ("1.6");
 
 name["english"] = "SUSE-SA:2006:063: Qt";
 
 script_name(english:name["english"]);
 
 script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a vendor-supplied security patch" );
 script_set_attribute(attribute:"description", value:
"The remote host is missing the patch for the advisory SUSE-SA:2006:063 (Qt).


Multiple integer overflows have been found in image processing
functions within the Qt class library, used for instance by the web
browser 'konqueror' and its rendering engine 'khtml'.

These problems could potentially lead to heap overflows and code
execution or just a browser crash (denial of service).

This problem has the Mitre CVE ID CVE-2006-4811." );
 script_set_attribute(attribute:"solution", value:
"http://www.novell.com/linux/security/advisories/2006_63_qt.html" );
 script_set_attribute(attribute:"risk_factor", value:"High" );



 script_set_attribute(attribute:"plugin_publication_date", value: "2007/02/18");
 script_end_attributes();

 
 summary["english"] = "Check for the version of the Qt package";
 script_summary(english:summary["english"]);
 
 script_category(ACT_GATHER_INFO);
 
 script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
 family["english"] = "SuSE Local Security Checks";
 script_family(english:family["english"]);
 
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/SuSE/rpm-list");
 exit(0);
}

include("rpm.inc");
if ( rpm_check( reference:"qt-4.0.1-10.2", release:"SUSE10.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"qt3-3.3.4-28.7", release:"SUSE10.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"qt3-static-3.3.4-28.7", release:"SUSE10.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"qt3-3.3.3-24.2", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"qt3-static-3.3.3-24.2", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"qt3-3.3.4-11.5", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"qt3-static-3.3.4-11.4", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}