Network Security Audits / Vulnerability Assessments by SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2007-51
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 15 Oct 2007
Last revised: 15 Oct 2007

Package: qt3

Summary: Multiple format string vulnerabilities

More information:
    Qt is a complete and well-designed multi-platform object-oriented
    framework for developing graphical user interface (GUI) applications using C++.

    Remote attackers to execute arbitrary code via format string specifiers in
    text used to compose an error message.

Impact:
    These vulnerabilities may allow remote attackers to execute arbitrary code .

Affected Products:

    - wizpy
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal

<wizpy>

   Source Packages
   Size: MD5

   qt3-3.3.4-17.src.rpm
     14669346 ddebe970cacc32afab785d267ab2403c

   Binary Packages
   Size: MD5

   qt3-3.3.4-17.i386.rpm
      5484453 983f20fbce3b80a40cbd6340ceb62e3a

<Turbolinux FUJI>

   Source Packages
   Size: MD5

   qt3-3.3.4-17.src.rpm
     14669346 cbe5a35b4aa22b06f0b8817862443d32

   Binary Packages
   Size: MD5

   qt3-3.3.4-17.i686.rpm
      6467181 0388a33fd26cb5c85e8f54eee88bc823
   qt3-devel-3.3.4-17.i686.rpm
      3730896 f6e22573ce444827367564a6db04282a
   qt3-doc-3.3.4-17.i686.rpm
      8072628 174aca0a75390eb2747ec21a75d87b25
   qt3-examples-3.3.4-17.i686.rpm
      4005990 a8914d510bede1ce79dcebc8be717e94
   qt3-sql-ODBC-3.3.4-17.i686.rpm
        51433 7dae79ee0378df8face0f1c7c7d2f844
   qt3-sql-MySQL-3.3.4-17.i686.rpm
        32498 cbc85ed7df80cdb5b9b45695217251ae
   qt3-sql-postgresql-3.3.4-17.i686.rpm
        40144 289504f51cf7ea45e360ce078a13efa7
   qt3-tools-3.3.4-17.i686.rpm
      2120682 e5e93bc5689340dac806fde7eda6fed6

<Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/qt3-3.2.3-18.src.rpm
     14032474 64a63e1b52a4ed36dfed4c32db7f2384

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/qt3-3.2.3-18.x86_64.rpm
      5805315 3098d0134a622d0fec0eeb002369c360
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/qt3-devel-3.2.3-18.x86_64.rpm
      3088189 2b0424447fbde1e59eb12fb09edff3fd
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/qt3-tools-3.2.3-18.x86_64.rpm
      2048360 93ba7098f267ece9e2a98f0448f1f20b

<Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/qt3-3.2.3-18.src.rpm
     14032474 7b0d0862485b38cb69059559ff3457a6

   Binary Packages
   Size: MD5

   qt3-3.2.3-18.i586.rpm
      5482313 edea39c910925faa1a64e76eaf164ea9
   qt3-devel-3.2.3-18.i586.rpm
      3022405 758cc01512a2b49cae16f657c0706aae
   qt3-tools-3.2.3-18.i586.rpm
      1966476 222e5910394e7a917d830c145a2b092b

<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/qt3-3.2.3-18.src.rpm
     14109409 147c53bfd0ac4087f23382c476a45c00

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/qt3-3.2.3-18.i586.rpm
      5452603 b691bd185be48de26b9d2f8d52089954
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/qt3-devel-3.2.3-18.i586.rpm
      3017666 3d48d8db8e7c3d173391ddbfcc7ed345
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/qt3-tools-3.2.3-18.i586.rpm
      1957141 dc215210a7826b7431e4eff598a242dc

References:

CVE
   [CVE-2007-3388]
   http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388
   [CVE-2007-4137]
   http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137

--------------------------------------------------------------------------
Revision History
    15 Oct 2007 Initial release
--------------------------------------------------------------------------

Copyright(C) 2007 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHE0lhK0LzjOqIJMwRAqTOAJ9N5guAF1rA5EMYVmieRoTC2iCghwCeNOV0
dkG5/nyO06TM09Z0cKJElEs=
=JfNx
-----END PGP SIGNATURE-----