Mandriva Update For Qt3 MDKSA-2007:151 (qt3) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A number of format string flaws have been discovered in how Qt handled error messages by Dirk Mueller and Tracey Parry of Portcullis Computer Security. If an application linked against Qt created an error message from user-supplied data in a certain way, it could possibly lead to the execution of arbitrary code or a denial of service. This update provides packages which are patched to prevent these issues.

Affected

qt3 on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64, Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64

Severity

Classification

CVE CVE-2007-3388

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:130 (gstreamer0.10-plugins-good)
Mandrake Security Advisory MDVSA-2009:188 (php4-eaccelerator)
Mandrake Security Advisory MDVSA-2009:026-1 (phpMyAdmin)
Mandrake Security Advisory MDVSA-2009:092 (ntp)
Mandrake Security Advisory MDVSA-2009:163 (tomcat5)

Mandriva Update for qt3 MDKSA-2007:151 (qt3)

Take action and discover your vulnerabilities