Test ID:	1.3.6.1.4.1.25623.1.1.1.2.2015.210
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DLA-210-1)
Summary:	The remote host is missing an update for the Debian 'qt4-x11' package(s) announced via the DLA-210-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'qt4-x11' package(s) announced via the DLA-210-1 advisory. Vulnerability Insight: This update fixes multiple security issues in the Qt library. CVE-2013-0254 The QSharedMemory class uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server. CVE-2015-0295 / CVE-2015-1858 / CVE-2015-1859 / CVE-2015-1860 Denial of service (via segmentation faults) through crafted images (BMP, GIF, ICO). Affected Software/OS: 'qt4-x11' package(s) on Debian 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0254 http://lists.qt-project.org/pipermail/announce/2013-February/000023.html RedHat Security Advisories: RHSA-2013:0669 http://rhn.redhat.com/errata/RHSA-2013-0669.html SuSE Security Announcement: openSUSE-SU-2013:0403 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-03/msg00014.html SuSE Security Announcement: openSUSE-SU-2013:0404 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-03/msg00015.html SuSE Security Announcement: openSUSE-SU-2013:0411 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-03/msg00019.html Common Vulnerability Exposure (CVE) ID: CVE-2015-0295 73029 http://www.securityfocus.com/bid/73029 FEDORA-2015-2866 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151034.html FEDORA-2015-2869 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151121.html FEDORA-2015-2886 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151138.html FEDORA-2015-2895 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150800.html FEDORA-2015-2897 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150940.html FEDORA-2015-2901 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151352.html USN-2626-1 http://www.ubuntu.com/usn/USN-2626-1 [Announce] 20150227 Qt Security Advisory: DoS vulnerability in the BMP image handler http://lists.qt-project.org/pipermail/announce/2015-February/000059.html openSUSE-SU-2015:0573 http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html Common Vulnerability Exposure (CVE) ID: CVE-2015-1858 74309 http://www.securityfocus.com/bid/74309 FEDORA-2015-6114 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155424.html FEDORA-2015-6123 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155927.html FEDORA-2015-6252 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156727.html FEDORA-2015-6315 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155962.html FEDORA-2015-6364 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155976.html GLSA-201603-10 https://security.gentoo.org/glsa/201603-10 [Announce] 20150413 Qt Project Security Advisory - Multiple Vulnerabilities in Qt Image Format Handling http://lists.qt-project.org/pipermail/announce/2015-April/000067.html https://codereview.qt-project.org/#/c/108312/ Common Vulnerability Exposure (CVE) ID: CVE-2015-1859 74307 http://www.securityfocus.com/bid/74307 74310 http://www.securityfocus.com/bid/74310 Common Vulnerability Exposure (CVE) ID: CVE-2015-1860 74302 http://www.securityfocus.com/bid/74302 FEDORA-2015-6573 http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156937.html FEDORA-2015-6613 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155947.html FEDORA-2015-6661 http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156761.html https://codereview.qt-project.org/#/c/108248/
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.