FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-18 19:03:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
d8fbf13a-6215-11db-a59e-0211d85f11fb	kdelibs -- integer overflow in khtml Red Hat reports: An integer overflow flaw was found in the way Qt handled pixmap images. The KDE khtml library uses Qt in such a way that untrusted parameters could be passed to Qt, triggering the overflow. An attacker could for example create a malicious web page that when viewed by a victim in the Konqueror browser would cause Konqueror to crash or possibly execute arbitrary code with the privileges of the victim. Discovery 2006-10-14 Entry 2006-10-22 kdelibs kdelibs-nocups < 3.5.4_4 qt qt-copy < 3.3.6_3 CVE-2006-4811 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742 http://rhn.redhat.com/errata/RHSA-2006-0720.html
ebffe27a-f48c-11d8-9837-000c41e2cdad	qt -- image loader vulnerabilities Qt contains several vulnerabilities related to image loading, including possible crashes when loading corrupt GIF, BMP, or JPEG images. Most seriously, Chris Evans reports that the BMP crash is actually due to a heap buffer overflow. It is believed that an attacker may be able to construct a BMP image that could cause a Qt-using application to execute arbitrary code when it is loaded. Discovery 2004-08-11 Entry 2004-08-22 qt < 3.3.3 CVE-2004-0691 CVE-2004-0692 CVE-2004-0693 http://www.trolltech.com/developer/changes/changes-3.3.3.html http://scary.beasts.org/security/CESA-2004-004.txt

VuXML ID

Description

d8fbf13a-6215-11db-a59e-0211d85f11fb

kdelibs -- integer overflow in khtml

Red Hat reports:

An integer overflow flaw was found in the way Qt handled pixmap images. The KDE khtml library uses Qt in such a way that untrusted parameters could be passed to Qt, triggering the overflow. An attacker could for example create a malicious web page that when viewed by a victim in the Konqueror browser would cause Konqueror to crash or possibly execute arbitrary code with the privileges of the victim.

Discovery 2006-10-14
Entry 2006-10-22
kdelibs
kdelibs-nocups

< 3.5.4_4

qt
qt-copy

< 3.3.6_3

CVE-2006-4811
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742
http://rhn.redhat.com/errata/RHSA-2006-0720.html

ebffe27a-f48c-11d8-9837-000c41e2cdad

qt -- image loader vulnerabilities

Qt contains several vulnerabilities related to image loading, including possible crashes when loading corrupt GIF, BMP, or JPEG images. Most seriously, Chris Evans reports that the BMP crash is actually due to a heap buffer overflow. It is believed that an attacker may be able to construct a BMP image that could cause a Qt-using application to execute arbitrary code when it is loaded.

Discovery 2004-08-11
Entry 2004-08-22
qt

< 3.3.3

CVE-2004-0691
CVE-2004-0692
CVE-2004-0693
http://www.trolltech.com/developer/changes/changes-3.3.3.html
http://scary.beasts.org/security/CESA-2004-004.txt