{ "threat_severity" : "Critical", "public_date" : "2006-10-13T23:06:00Z", "bugzilla" : { "description" : "security flaw", "id" : "1618204", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1618204" }, "details" : [ "Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image." ], "statement" : "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 2.1", "release_date" : "2006-10-18T00:00:00Z", "advisory" : "RHSA-2006:0720", "cpe" : "cpe:/o:redhat:enterprise_linux:2.1", "package" : "kdelibs-6:2.2.2-21.EL2" }, { "product_name" : "Red Hat Enterprise Linux 2.1", "release_date" : "2006-11-01T00:00:00Z", "advisory" : "RHSA-2006:0725", "cpe" : "cpe:/o:redhat:enterprise_linux:2.1", "package" : "qt-1:2.3.1-12.EL2" }, { "product_name" : "Red Hat Enterprise Linux 3", "release_date" : "2006-10-18T00:00:00Z", "advisory" : "RHSA-2006:0720", "cpe" : "cpe:/o:redhat:enterprise_linux:3", "package" : "kdelibs-6:3.1.3-6.12" }, { "product_name" : "Red Hat Enterprise Linux 3", "release_date" : "2006-11-01T00:00:00Z", "advisory" : "RHSA-2006:0725", "cpe" : "cpe:/o:redhat:enterprise_linux:3", "package" : "qt-1:3.1.2-14.RHEL3" }, { "product_name" : "Red Hat Enterprise Linux 4", "release_date" : "2006-10-18T00:00:00Z", "advisory" : "RHSA-2006:0720", "cpe" : "cpe:/o:redhat:enterprise_linux:4", "package" : "kdelibs-6:3.3.1-6.RHEL4" }, { "product_name" : "Red Hat Enterprise Linux 4", "release_date" : "2006-11-01T00:00:00Z", "advisory" : "RHSA-2006:0725", "cpe" : "cpe:/o:redhat:enterprise_linux:4", "package" : "qt-1:3.3.3-10.RHEL4" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2006-4811\nhttps://nvd.nist.gov/vuln/detail/CVE-2006-4811" ], "name" : "CVE-2006-4811", "csaw" : false }