Qt 'gray-scale' Image File Buffer Overflow Vulnerability

http://www.securityfocus.com/bid/49724

Security Info

Bugtraq ID:	49724
Class:	Boundary Condition Error
CVE:	CVE-2011-3194
Remote:	Yes
Local:	No
Published:	Sep 21 2011 12:00AM
Updated:	Jul 12 2012 05:00PM
Credit:	Red Hat Security Response Team
Vulnerable:	Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 Trolltech Qt 4.6.3 Trolltech Qt 4.6.2 Trolltech Qt 4.6.1 Trolltech Qt 4.6 Trolltech Qt 4.5.2 Trolltech Qt 4.5.1 Trolltech Qt 4.4.3 Trolltech Qt 4.3.3 Trolltech Qt 4.3.2 Trolltech Qt 4.3.1 Trolltech Qt 4.3 Trolltech Qt 4.2.3 Trolltech Qt 4.2.1 Trolltech Qt 4.1.5 Trolltech Qt 4.1.4 Trolltech Qt 4.1 Trolltech Qt 4.0.1 Trolltech Qt 3.3.8 Trolltech Qt 3.3.7 Trolltech Qt 3.3.6 Trolltech Qt 3.3.5 Trolltech Qt 3.3.4 + Gentoo Linux Trolltech Qt 3.3.3 Trolltech Qt 3.3.2 Trolltech Qt 3.3.1 Trolltech Qt 3.3 .0 Trolltech Qt 3.2.3 + Conectiva Linux 10.0 + Mandriva Linux Mandrake 10.0 AMD64 + Mandriva Linux Mandrake 10.0 Trolltech Qt 3.2.1 Trolltech Qt 3.1.2 + Mandriva Linux Mandrake 9.2 amd64 + Mandriva Linux Mandrake 9.2 Trolltech Qt 3.1.1 + Conectiva Linux 9.0 Trolltech Qt 3.1 Trolltech Qt 3.0.5 Trolltech Qt 3.0.3 Trolltech Qt 3.0 Trolltech Qt 2.3.1 Trolltech Qt 4.7.0 Trolltech Qt 4.5 Trolltech Qt 4.2 Trolltech Qt 4.1 Red Hat Fedora 15 Red Hat Fedora 14 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server EUS 6.1.z Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux 6 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0

Not Vulnerable:

Security Discussion

Qt is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Proof of Concept and Security Exploits

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

Security Solution(s)

Solution:
Updates are available. Please see the references for more information.

Security References(s)

References:

Moderate: qt security update (Red Hat)

Emagined Security Blog featuring Dr. Eugene Schultz

Secure Web Programming
by Vizual Services