FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

kdelibs -- integer overflow in khtml

Affected packages
kdelibs < 3.5.4_4
kdelibs-nocups < 3.5.4_4
qt < 3.3.6_3
qt-copy < 3.3.6_3


VuXML ID d8fbf13a-6215-11db-a59e-0211d85f11fb
Discovery 2006-10-14
Entry 2006-10-22

Red Hat reports:

An integer overflow flaw was found in the way Qt handled pixmap images. The KDE khtml library uses Qt in such a way that untrusted parameters could be passed to Qt, triggering the overflow. An attacker could for example create a malicious web page that when viewed by a victim in the Konqueror browser would cause Konqueror to crash or possibly execute arbitrary code with the privileges of the victim.


CVE Name CVE-2006-4811