Test ID:	1.3.6.1.4.1.25623.1.0.57522
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2006:0720
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2006:0720. The kdelibs package provides libraries for the K Desktop Environment (KDE). Qt is a GUI software toolkit for the X Window System. An integer overflow flaw was found in the way Qt handled pixmap images. The KDE khtml library uses Qt in such a way that untrusted parameters could be passed to Qt, triggering the overflow. An attacker could for example create a malicious web page that when viewed by a victim in the Konqueror browser would cause Konqueror to crash or possibly execute arbitrary code with the privileges of the victim. (CVE-2006-4811) Users of KDE should upgrade to these updated packages, which contain a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2006-0720.html http://www.redhat.com/security/updates/classification/#critical Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4811 1017084 http://securitytracker.com/id?1017084 20061002-01-P ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P 20061018 rPSA-2006-0195-1 kdelibs http://www.securityfocus.com/archive/1/449173/100/0/threaded 20061101-01-P ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P 20599 http://www.securityfocus.com/bid/20599 22380 http://secunia.com/advisories/22380 22397 http://secunia.com/advisories/22397 22479 http://secunia.com/advisories/22479 22485 http://secunia.com/advisories/22485 22492 http://secunia.com/advisories/22492 22520 http://secunia.com/advisories/22520 22579 http://secunia.com/advisories/22579 22586 http://secunia.com/advisories/22586 22589 http://secunia.com/advisories/22589 22645 http://secunia.com/advisories/22645 22738 http://secunia.com/advisories/22738 22890 http://secunia.com/advisories/22890 22929 http://secunia.com/advisories/22929 24347 http://secunia.com/advisories/24347 ADV-2006-4099 http://www.vupen.com/english/advisories/2006/4099 DSA-1200 http://www.us.debian.org/security/2006/dsa-1200 GLSA-200611-02 http://security.gentoo.org/glsa/glsa-200611-02.xml GLSA-200703-06 http://security.gentoo.org/glsa/glsa-200703-06.xml MDKSA-2006:186 http://www.mandriva.com/security/advisories?name=MDKSA-2006:186 MDKSA-2006:187 http://www.mandriva.com/security/advisories?name=MDKSA-2006:187 RHSA-2006:0720 http://www.redhat.com/support/errata/RHSA-2006-0720.html RHSA-2006:0725 http://www.redhat.com/support/errata/RHSA-2006-0725.html SSA:2006-298-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.483634 SUSE-SA:2006:063 http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html USN-368-1 http://www.ubuntu.com/usn/usn-368-1 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742 http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733 https://issues.rpath.com/browse/RPL-723 oval:org.mitre.oval:def:10218 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10218
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.