Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:TROLLTECH-QT-BMP-OF

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 Trolltech Qt BMP Handling Overflow

Release Date

 2004/08/25

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: Trolltech Qt BMP Handling Overflow


This signature detects attempts to exploit a flaw in the Trolltech Qt image handling subsystem, which is used by the KDE Graphical Environment, commonly found in Linux and other Unix-based systems. A known vulnerability exists in the read_dib function that does not perform proper bounds checking of RLE data from a BMP file. An attacker could exploit this flaw to crash a system or possibly install malicious software when a user attempts to view a specially crafted BMP.

Extended Description

Multiple heap overflows have been reported to exist in the Qt QImage library. These issues may be triggered when handling malformed images of various types, potentially causing a denial of service in applications that use the library to render images. Remote code execution is also possible.

Affected Products

  • Avaya intuity LX
  • Avaya mn100
  • Avaya modular_messaging_(mss) 1.1.0
  • Avaya modular_messaging_(mss) 2.0.0
  • Gentoo linux 1.4.0
  • Red_hat advanced_workstation_for_the_itanium_processor 2.1.0
  • Red_hat advanced_workstation_for_the_itanium_processor 2.1.0 IA64
  • Red_hat desktop 3.0.0
  • Red_hat enterprise_linux_as 2.1
  • Red_hat enterprise_linux_as 2.1 IA64
  • Red_hat enterprise_linux_as 3
  • Red_hat enterprise_linux_es 2.1
  • Red_hat enterprise_linux_es 2.1 IA64
  • Red_hat enterprise_linux_es 3
  • Red_hat enterprise_linux_ws 2.1
  • Red_hat enterprise_linux_ws 2.1 IA64
  • Red_hat enterprise_linux_ws 3
  • Red_hat fedora Core1
  • Red_hat linux 7.3.0
  • Red_hat linux 7.3.0 I386
  • Red_hat linux 7.3.0 I686
  • Red_hat linux 9.0.0 I386
  • Sun java_desktop_system_(jds) 2.0.0
  • Sun java_desktop_system_(jds) 2003
  • Suse linux 8.1.0
  • Suse linux_desktop 1.0.0
  • Suse linux_personal 8.2.0
  • Suse linux_personal 9.0.0
  • Suse suse_linux_enterprise_server 8
  • Trolltech qt 2.3.1
  • Trolltech qt 3.0.0
  • Trolltech qt 3.0.3
  • Trolltech qt 3.0.5
  • Trolltech qt 3.1.0
  • Trolltech qt 3.1.1
  • Trolltech qt 3.1.2
  • Trolltech qt 3.2.1
  • Trolltech qt 3.2.3
  • Trolltech qt 3.3.0 .0
  • Trolltech qt 3.3.1
  • Trolltech qt 3.3.2

References

  • BugTraq: 10977
  • CVE: CVE-2004-0691
  • URL: http://www.juniper.net/security/auto/vulnerabilities/vuln1718.html
  • URL: http://rhn.redhat.com/errata/RHSA-2004-414.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out