FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
d8fbf13a-6215-11db-a59e-0211d85f11fbkdelibs -- integer overflow in khtml

Red Hat reports:

An integer overflow flaw was found in the way Qt handled pixmap images. The KDE khtml library uses Qt in such a way that untrusted parameters could be passed to Qt, triggering the overflow. An attacker could for example create a malicious web page that when viewed by a victim in the Konqueror browser would cause Konqueror to crash or possibly execute arbitrary code with the privileges of the victim.


Discovery 2006-10-14
Entry 2006-10-22
kdelibs
kdelibs-nocups
< 3.5.4_4

qt
qt-copy
< 3.3.6_3

CVE-2006-4811
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742
http://rhn.redhat.com/errata/RHSA-2006-0720.html
ebffe27a-f48c-11d8-9837-000c41e2cdadqt -- image loader vulnerabilities

Qt contains several vulnerabilities related to image loading, including possible crashes when loading corrupt GIF, BMP, or JPEG images. Most seriously, Chris Evans reports that the BMP crash is actually due to a heap buffer overflow. It is believed that an attacker may be able to construct a BMP image that could cause a Qt-using application to execute arbitrary code when it is loaded.


Discovery 2004-08-11
Entry 2004-08-22
qt
< 3.3.3

CVE-2004-0691
CVE-2004-0692
CVE-2004-0693
http://www.trolltech.com/developer/changes/changes-3.3.3.html
http://scary.beasts.org/security/CESA-2004-004.txt