Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:TROLLTECH-QT-BMP-OF

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 Trolltech Qt BMP Handling Overflow

Release Date

 2004/08/25

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Trolltech Qt BMP Handling Overflow


This signature detects attempts to exploit a flaw in the Trolltech Qt image handling subsystem, which is used by the KDE Graphical Environment, commonly found in Linux and other Unix-based systems. A known vulnerability exists in the read_dib function that does not perform proper bounds checking of RLE data from a BMP file. An attacker could exploit this flaw to crash a system or possibly install malicious software when a user attempts to view a specially crafted BMP.

Extended Description

Multiple heap overflows have been reported to exist in the Qt QImage library. These issues may be triggered when handling malformed images of various types, potentially causing a denial of service in applications that use the library to render images. Remote code execution is also possible.

Affected Products

  • Avaya Intuity LX
  • Avaya MN100
  • Avaya Modular Messaging (MSS) 1.1.0
  • Avaya Modular Messaging (MSS) 2.0.0
  • Gentoo Linux 1.4.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • Red Hat Desktop 3.0.0
  • Red Hat Enterprise Linux AS 2.1
  • Red Hat Enterprise Linux AS 2.1 IA64
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux ES 2.1 IA64
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Enterprise Linux WS 2.1 IA64
  • Red Hat Enterprise Linux WS 3
  • Red Hat Fedora Core1
  • Red Hat Linux 7.3.0
  • Red Hat Linux 7.3.0 I386
  • Red Hat Linux 7.3.0 I686
  • Red Hat Linux 9.0.0 I386
  • Sun Java Desktop System (JDS) 2.0.0
  • Sun Java Desktop System (JDS) 2003
  • SuSE Linux 8.1.0
  • SuSE Linux Desktop 1.0.0
  • SuSE Linux Personal 8.2.0
  • SuSE Linux Personal 9.0.0
  • SuSE SUSE Linux Enterprise Server 8
  • Trolltech Qt 2.3.1
  • Trolltech Qt 3.0.0
  • Trolltech Qt 3.0.3
  • Trolltech Qt 3.0.5
  • Trolltech Qt 3.1.0
  • Trolltech Qt 3.1.1
  • Trolltech Qt 3.1.2
  • Trolltech Qt 3.2.1
  • Trolltech Qt 3.2.3
  • Trolltech Qt 3.3.0 .0
  • Trolltech Qt 3.3.1
  • Trolltech Qt 3.3.2

References

  • BugTraq: 10977
  • CVE: CVE-2004-0691
  • URL: http://www.juniper.net/security/auto/vulnerabilities/vuln1718.html
  • URL: http://rhn.redhat.com/errata/RHSA-2004-414.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out