Test ID:	1.3.6.1.4.1.25623.1.0.58574
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2007:183 (qt)
Summary:	Mandrake Security Advisory MDKSA-2007:183 (qt)
Description:	The remote host is missing an update to qt announced via advisory MDKSA-2007:183. A buffer overflow was found in how Qt expanded malformed Unicode strings. If an application linked against Qt parsed a malicious Unicode string, it could lead to a denial of service or potentially allow for the execution of arbitrary code. Updated packages have been patched to prevent this issue. Although the problem is not exploitable in Qt4, patched packages have been issued regardless. Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:183 http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119 Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4137 Bugtraq: 20071004 FLEA-2007-0059-1 qt qt-tools (Google Search) http://www.securityfocus.com/archive/1/archive/1/481498/100/0/threaded http://dist.trolltech.com/developer/download/175791_3.diff http://dist.trolltech.com/developer/download/175791_4.diff https://bugzilla.redhat.com/show_bug.cgi?id=269001 Debian Security Information: DSA-1426 (Google Search) http://www.debian.org/security/2007/dsa-1426 http://fedoranews.org/updates/FEDORA-2007-221.shtml http://fedoranews.org/updates/FEDORA-2007-703.shtml http://security.gentoo.org/glsa/glsa-200710-28.xml http://security.gentoo.org/glsa/glsa-200712-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:183 http://www.redhat.com/support/errata/RHSA-2007-0883.html SGI Security Advisory: 20070901-01-P ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc SuSE Security Announcement: SUSE-SR:2007:019 (Google Search) http://www.novell.com/linux/security/advisories/2007_19_sr.html http://www.ubuntu.com/usn/usn-513-1 BugTraq ID: 25657 http://www.securityfocus.com/bid/25657 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11159 http://www.vupen.com/english/advisories/2007/3144 http://osvdb.org/39384 http://securitytracker.com/id?1018688 http://secunia.com/advisories/26778 http://secunia.com/advisories/26782 http://secunia.com/advisories/26811 http://secunia.com/advisories/26857 http://secunia.com/advisories/26804 http://secunia.com/advisories/26868 http://secunia.com/advisories/26882 http://secunia.com/advisories/27053 http://secunia.com/advisories/26987 http://secunia.com/advisories/27275 http://secunia.com/advisories/27382 http://secunia.com/advisories/27996 http://secunia.com/advisories/28021
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: