Vulnerabilities related to trolltech - qt
CVE-2005-0627 (GCVE-0-2005-0627)
Vulnerability from cvelistv5
Published
2005-03-04 05:00
Modified
2024-08-07 21:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:21:06.462Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "12695", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12695" }, { "name": "GLSA-200503-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-01.xml" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=75181" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-03-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-15T16:37:04", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "12695", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12695" }, { "name": "GLSA-200503-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-01.xml" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=75181" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0627", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "12695", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12695" }, { "name": "GLSA-200503-01", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-01.xml" }, { "name": "http://bugs.gentoo.org/show_bug.cgi?id=75181", "refsource": "MISC", "url": "http://bugs.gentoo.org/show_bug.cgi?id=75181" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0627", "datePublished": "2005-03-04T05:00:00", "dateReserved": "2005-03-04T00:00:00", "dateUpdated": "2024-08-07T21:21:06.462Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0693 (GCVE-0-2004-0693)
Vulnerability from cvelistv5
Published
2004-08-25 04:00
Modified
2024-08-08 00:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:24:27.165Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-200408-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "name": "SUSE-SA:2004:027", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "name": "RHSA-2004:414", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "name": "qt-gif-dos(17042)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17042" }, { "name": "DSA-542", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-542" }, { "name": "201610", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "name": "oval:org.mitre.oval:def:10883", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10883" }, { "name": "MDKSA-2004:085", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-08-19T00:00:00", "descriptions": [ { "lang": "en", "value": "The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a 
different vulnerability than CVE-2004-0692." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-200408-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "name": "SUSE-SA:2004:027", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "name": "RHSA-2004:414", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "name": "qt-gif-dos(17042)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17042" }, { "name": "DSA-542", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-542" }, { "name": "201610", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "name": "oval:org.mitre.oval:def:10883", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10883" }, { "name": "MDKSA-2004:085", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0693", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The GIF 
parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-200408-20", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "name": "SUSE-SA:2004:027", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "name": "RHSA-2004:414", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "name": "qt-gif-dos(17042)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17042" }, { "name": "DSA-542", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-542" }, { "name": "201610", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "name": "oval:org.mitre.oval:def:10883", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10883" }, { "name": "MDKSA-2004:085", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0693", "datePublished": "2004-08-25T04:00:00", "dateReserved": "2004-07-13T00:00:00", "dateUpdated": "2024-08-08T00:24:27.165Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0691 (GCVE-0-2004-0691)
Vulnerability from cvelistv5
Published
2004-08-25 04:00
Modified
2024-08-08 00:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:24:27.113Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:9485", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9485" }, { "name": "GLSA-200408-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "name": "SUSE-SA:2004:027", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "name": "RHSA-2004:414", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "name": "DSA-542", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-542" }, { "name": "qt-bmp-bo(17040)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17040" }, { "name": "201610", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "name": "20040818 CESA-2004-004: qt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109295309008309\u0026w=2" }, { "name": "MDKSA-2004:085", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-08-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer 
overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:9485", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9485" }, { "name": "GLSA-200408-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "name": "SUSE-SA:2004:027", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "name": "RHSA-2004:414", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "name": "DSA-542", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-542" }, { "name": "qt-bmp-bo(17040)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17040" }, { "name": "201610", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "name": "20040818 CESA-2004-004: qt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=109295309008309\u0026w=2" }, { "name": "MDKSA-2004:085", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0691", "STATE": "PUBLIC" }, "affects": { "vendor": { 
"vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:9485", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9485" }, { "name": "GLSA-200408-20", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "name": "SUSE-SA:2004:027", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "name": "RHSA-2004:414", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "name": "DSA-542", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-542" }, { "name": "qt-bmp-bo(17040)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17040" }, { "name": "201610", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "name": "20040818 CESA-2004-004: qt", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=109295309008309\u0026w=2" }, { "name": "MDKSA-2004:085", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0691", "datePublished": "2004-08-25T04:00:00", "dateReserved": 
"2004-07-13T00:00:00", "dateUpdated": "2024-08-08T00:24:27.113Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-4137 (GCVE-0-2007-4137)
Vulnerability from cvelistv5
Published
2007-09-18 19:00
Modified
2024-08-07 14:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:46:38.696Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472" }, { "name": "MDKSA-2007:183", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183" }, { "name": "SUSE-SR:2007:019", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html" }, { "name": "26868", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26868" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1751" }, { "name": "26811", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26811" }, { "name": "oval:org.mitre.oval:def:11159", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159" }, { "name": "27053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27053" }, { "name": "27996", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27996" }, { "name": "27275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27275" }, { "name": "27382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27382" }, { "name": "26857", "tags": [ 
"third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26857" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119" }, { "name": "26778", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26778" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001" }, { "name": "26882", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26882" }, { "name": "26987", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26987" }, { "name": "GLSA-200710-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml" }, { "name": "ADV-2007-3144", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3144" }, { "name": "20070901-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://dist.trolltech.com/developer/download/175791_4.diff" }, { "name": "39384", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/39384" }, { "name": "26804", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26804" }, { "name": "26782", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26782" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://dist.trolltech.com/developer/download/175791_3.diff" }, { "name": "FEDORA-2007-703", "tags": [ "vendor-advisory", 
"x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "name": "FEDORA-2007-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "name": "GLSA-200712-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "name": "28021", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28021" }, { "name": "RHSA-2007:0883", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html" }, { "name": "1018688", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1018688" }, { "name": "20071004 FLEA-2007-0059-1 qt qt-tools", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded" }, { "name": "USN-513-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-513-1" }, { "name": "25657", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/25657" }, { "name": "DSA-1426", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2007/dsa-1426" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-09-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. 
NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472" }, { "name": "MDKSA-2007:183", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183" }, { "name": "SUSE-SR:2007:019", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html" }, { "name": "26868", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26868" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1751" }, { "name": "26811", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26811" }, { "name": "oval:org.mitre.oval:def:11159", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159" }, { "name": "27053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27053" }, { "name": "27996", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27996" }, { "name": "27275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27275" }, { "name": "27382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27382" }, { "name": "26857", "tags": [ "third-party-advisory", 
"x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26857" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119" }, { "name": "26778", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26778" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001" }, { "name": "26882", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26882" }, { "name": "26987", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26987" }, { "name": "GLSA-200710-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml" }, { "name": "ADV-2007-3144", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3144" }, { "name": "20070901-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc" }, { "tags": [ "x_refsource_MISC" ], "url": "http://dist.trolltech.com/developer/download/175791_4.diff" }, { "name": "39384", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/39384" }, { "name": "26804", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26804" }, { "name": "26782", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26782" }, { "tags": [ "x_refsource_MISC" ], "url": "http://dist.trolltech.com/developer/download/175791_3.diff" }, { "name": "FEDORA-2007-703", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "name": "FEDORA-2007-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "name": 
"GLSA-200712-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "name": "28021", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28021" }, { "name": "RHSA-2007:0883", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html" }, { "name": "1018688", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1018688" }, { "name": "20071004 FLEA-2007-0059-1 qt qt-tools", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded" }, { "name": "USN-513-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-513-1" }, { "name": "25657", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/25657" }, { "name": "DSA-1426", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2007/dsa-1426" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-4137", "datePublished": "2007-09-18T19:00:00", "dateReserved": "2007-08-02T00:00:00", "dateUpdated": "2024-08-07T14:46:38.696Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0692 (GCVE-0-2004-0692)
Vulnerability from cvelistv5
Published
2004-08-25 04:00
Modified
2024-08-08 00:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:24:27.088Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-200408-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "name": "SUSE-SA:2004:027", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "name": "RHSA-2004:414", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "name": "qt-xpm-dos(17041)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17041" }, { "name": "DSA-542", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-542" }, { "name": "FLSA:2314", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110979666528890\u0026w=2" }, { "name": "201610", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "name": "oval:org.mitre.oval:def:10327", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10327" }, { "name": "MDKSA-2004:085", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-08-19T00:00:00", "descriptions": [ { "lang": "en", "value": "The XPM parser in the QT 
library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-200408-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "name": "SUSE-SA:2004:027", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "name": "RHSA-2004:414", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "name": "qt-xpm-dos(17041)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17041" }, { "name": "DSA-542", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-542" }, { "name": "FLSA:2314", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://marc.info/?l=bugtraq\u0026m=110979666528890\u0026w=2" }, { "name": "201610", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "name": "oval:org.mitre.oval:def:10327", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10327" }, { "name": "MDKSA-2004:085", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0692", "STATE": "PUBLIC" }, "affects": { "vendor": { 
"vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-200408-20", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "name": "SUSE-SA:2004:027", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "name": "RHSA-2004:414", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "name": "qt-xpm-dos(17041)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17041" }, { "name": "DSA-542", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-542" }, { "name": "FLSA:2314", "refsource": "FEDORA", "url": "http://marc.info/?l=bugtraq\u0026m=110979666528890\u0026w=2" }, { "name": "201610", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "name": "oval:org.mitre.oval:def:10327", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10327" }, { "name": "MDKSA-2004:085", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0692", "datePublished": "2004-08-25T04:00:00", "dateReserved": 
"2004-07-13T00:00:00", "dateUpdated": "2024-08-08T00:24:27.088Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-3388 (GCVE-0-2007-3388)
Vulnerability from cvelistv5
Published
2007-08-03 20:00
Modified
2024-08-07 14:14
CWE
- n/a
Summary
Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:14:12.934Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1597" }, { "name": "1018485", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1018485" }, { "name": "26385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26385" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960" }, { "name": "26298", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26298" }, { "name": "GLSA-200710-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-28.xml" }, { "name": "USN-495-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-495-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-388.htm" }, { "name": "ADV-2007-2733", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2733" }, { "name": "SUSE-SA:2007:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_48_qt3.html" }, { "name": "26284", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26284" }, { "name": "MDKSA-2007:151", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:151" }, { "name": "27996", "tags": [ "third-party-advisory", 
"x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27996" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://dist.trolltech.com/developer/download/170529.diff" }, { "name": "26882", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26882" }, { "name": "26607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26607" }, { "name": "26264", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26264" }, { "name": "GLSA-200708-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-16.xml" }, { "name": "26291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26291" }, { "name": "24460", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24460" }, { "name": "26306", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26306" }, { "name": "26804", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26804" }, { "name": "25154", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/25154" }, { "name": "20070803 FLEA-2007-0042-1 qt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/475480/30/5550/threaded" }, { "name": "26852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26852" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=185446" }, { "name": "FEDORA-2007-703", "tags": [ 
"vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "name": "FEDORA-2007-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "name": "20070801-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc" }, { "name": "GLSA-200712-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "name": "28021", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28021" }, { "name": "RHSA-2007:0721", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0721.html" }, { "name": "oval:org.mitre.oval:def:9690", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690" }, { "name": "26295", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26295" }, { "name": "SSA:2007-222-03", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.354168" }, { "name": "DSA-1426", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2007/dsa-1426" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) 
qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1597" }, { "name": "1018485", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1018485" }, { "name": "26385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26385" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960" }, { "name": "26298", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26298" }, { "name": "GLSA-200710-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-28.xml" }, { "name": "USN-495-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-495-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-388.htm" }, { "name": "ADV-2007-2733", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2733" }, { "name": "SUSE-SA:2007:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_48_qt3.html" }, { "name": "26284", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26284" }, { "name": "MDKSA-2007:151", "tags": [ "vendor-advisory", 
"x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:151" }, { "name": "27996", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27996" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://dist.trolltech.com/developer/download/170529.diff" }, { "name": "26882", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26882" }, { "name": "26607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26607" }, { "name": "26264", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26264" }, { "name": "GLSA-200708-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-16.xml" }, { "name": "26291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26291" }, { "name": "24460", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24460" }, { "name": "26306", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26306" }, { "name": "26804", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26804" }, { "name": "25154", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/25154" }, { "name": "20070803 FLEA-2007-0042-1 qt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/475480/30/5550/threaded" }, { "name": "26852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26852" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=185446" }, { "name": "FEDORA-2007-703", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": 
"http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "name": "FEDORA-2007-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "name": "20070801-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc" }, { "name": "GLSA-200712-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "name": "28021", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28021" }, { "name": "RHSA-2007:0721", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0721.html" }, { "name": "oval:org.mitre.oval:def:9690", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690" }, { "name": "26295", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26295" }, { "name": "SSA:2007-222-03", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.354168" }, { "name": "DSA-1426", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2007/dsa-1426" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-3388", "datePublished": "2007-08-03T20:00:00", "dateReserved": "2007-06-25T00:00:00", "dateUpdated": "2024-08-07T14:14:12.934Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd (CVE-2007-4137)
Published
2007-09-18 19:17
Modified
2025-04-09 00:30
Summary
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc | ||
secalert@redhat.com | http://bugs.gentoo.org/show_bug.cgi?id=192472 | ||
secalert@redhat.com | http://dist.trolltech.com/developer/download/175791_3.diff | ||
secalert@redhat.com | http://dist.trolltech.com/developer/download/175791_4.diff | ||
secalert@redhat.com | http://fedoranews.org/updates/FEDORA-2007-221.shtml | ||
secalert@redhat.com | http://fedoranews.org/updates/FEDORA-2007-703.shtml | ||
secalert@redhat.com | http://osvdb.org/39384 | ||
secalert@redhat.com | http://secunia.com/advisories/26778 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/26782 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/26804 | ||
secalert@redhat.com | http://secunia.com/advisories/26811 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/26857 | ||
secalert@redhat.com | http://secunia.com/advisories/26868 | ||
secalert@redhat.com | http://secunia.com/advisories/26882 | ||
secalert@redhat.com | http://secunia.com/advisories/26987 | ||
secalert@redhat.com | http://secunia.com/advisories/27053 | ||
secalert@redhat.com | http://secunia.com/advisories/27275 | ||
secalert@redhat.com | http://secunia.com/advisories/27382 | ||
secalert@redhat.com | http://secunia.com/advisories/27996 | ||
secalert@redhat.com | http://secunia.com/advisories/28021 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200710-28.xml | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200712-08.xml | ||
secalert@redhat.com | http://securitytracker.com/id?1018688 | ||
secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm | ||
secalert@redhat.com | http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119 | ||
secalert@redhat.com | http://www.debian.org/security/2007/dsa-1426 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:183 | ||
secalert@redhat.com | http://www.novell.com/linux/security/advisories/2007_19_sr.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0883.html | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/481498/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/25657 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/usn-513-1 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/3144 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=269001 | ||
secalert@redhat.com | https://issues.rpath.com/browse/RPL-1751 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159 | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc | ||
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=192472 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://dist.trolltech.com/developer/download/175791_3.diff | ||
af854a3a-2127-422b-91ae-364da2661108 | http://dist.trolltech.com/developer/download/175791_4.diff | ||
af854a3a-2127-422b-91ae-364da2661108 | http://fedoranews.org/updates/FEDORA-2007-221.shtml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://fedoranews.org/updates/FEDORA-2007-703.shtml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/39384 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26778 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26782 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26804 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26811 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26857 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26868 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26882 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26987 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27053 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27275 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27382 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27996 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28021 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200710-28.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200712-08.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1018688 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1426 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:183 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_19_sr.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0883.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/481498/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/25657 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-513-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3144 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=269001 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1751 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159 |
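Impacted products
Note: in the configuration JSON below, only the trolltech qt rows are marked "vulnerable": true; the operating-system rows are platform context ("vulnerable": false) joined to them with AND. Rows that look repeated differ only in a CPE field this table omits.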
Vendor | Product | Version | |
---|---|---|---|
conectiva | linux | 9.0 | |
conectiva | linux | 10.0 | |
gentoo | linux | * | |
mandrakesoft | mandrake_linux | 9.2 | |
mandrakesoft | mandrake_linux | 9.2 | |
mandrakesoft | mandrake_linux | 10.0 | |
mandrakesoft | mandrake_linux | 10.0 | |
mandrakesoft | mandrake_linux | 2007 | |
mandrakesoft | mandrake_linux | 2007 | |
mandrakesoft | mandrake_linux | 2007.1 | |
mandrakesoft | mandrake_linux | 2007.1 | |
mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
mandrakesoft | mandrake_linux_corporate_server | 4.0 | |
mandrakesoft | mandrake_linux_corporate_server | 4.0 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 5.0 | |
redhat | enterprise_linux | 5.0 | |
redhat | enterprise_linux | 5.0 | |
redhat | linux | 2.1 | |
redhat | linux | 3.0 | |
redhat | linux | 4.0 | |
ubuntu | ubuntu_linux | 6.06_lts | |
ubuntu | ubuntu_linux | 6.06_lts | |
ubuntu | ubuntu_linux | 6.06_lts | |
ubuntu | ubuntu_linux | 6.06_lts | |
ubuntu | ubuntu_linux | 6.10 | |
ubuntu | ubuntu_linux | 6.10 | |
ubuntu | ubuntu_linux | 6.10 | |
ubuntu | ubuntu_linux | 6.10 | |
ubuntu | ubuntu_linux | 7.04 | |
ubuntu | ubuntu_linux | 7.04 | |
ubuntu | ubuntu_linux | 7.04 | |
ubuntu | ubuntu_linux | 7.04 | |
trolltech | qt | 3.0 | |
trolltech | qt | 3.0.3 | |
trolltech | qt | 3.0.5 | |
trolltech | qt | 3.1 | |
trolltech | qt | 3.1.1 | |
trolltech | qt | 3.1.2 | |
trolltech | qt | 3.2.1 | |
trolltech | qt | 3.2.3 | |
trolltech | qt | 3.3.0 | |
trolltech | qt | 3.3.1 | |
trolltech | qt | 3.3.2 | |
trolltech | qt | 3.3.3 | |
trolltech | qt | 3.3.4 | |
trolltech | qt | 3.3.5 | |
trolltech | qt | 3.3.6 | |
trolltech | qt | 3.3.7 | |
trolltech | qt | 3.3.8 | |
trolltech | qt | 4.1 | |
trolltech | qt | 4.1.4 | |
trolltech | qt | 4.1.5 | |
trolltech | qt | 4.2 | |
trolltech | qt | 4.2.1 | |
trolltech | qt | 4.2.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": false }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*", "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*", "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*", "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*", "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": false }, { "criteria": 
"cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "matchCriteriaId": "492EA1BE-E678-4300-A690-3BFCD4B233B2", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*", "matchCriteriaId": "C4B5DD1C-BFF6-4247-B684-A7C3D8F60745", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "matchCriteriaId": "4E3C9031-F69A-4B6A-A8CB-39027174AA01", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*", "matchCriteriaId": "327FEE54-79EC-4B5E-B838-F3C61FCDF48E", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*", "matchCriteriaId": "056C1C15-D110-4309-A9A6-41BD753FE4F2", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*", "matchCriteriaId": "08392974-5AC1-4B12-893F-3F733EF05F80", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*", "matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*", "matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*", "matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*", "matchCriteriaId": 
"3AA8F2EC-55E9-4529-A816-B5D495605F6B", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client_workstation:*:*:*:*:*", "matchCriteriaId": "28FBE982-794E-4C22-B5EE-F48269282C32", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*", "matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:2.1:*:aw_itanium:*:*:*:*:*", "matchCriteriaId": "6B34B4FF-A596-4B1E-8DA7-40B3498147EA", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBBA00E3-1147-4E6F-BE93-92494285F88F", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*", "matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*", "matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*", "matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*", "matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*", "matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*", "matchCriteriaId": 
"61B11116-FA94-4989-89A1-C7B551D5195A", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "7BD79C43-2615-47DE-A100-D21482D866F4", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:i386:*:*:*:*:*", "matchCriteriaId": "1856594D-7D84-4830-A8A7-2C9D4C2D61FD", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "0B20DDF0-2FAB-4EB0-B62D-2351514B2808", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:sparc:*:*:*:*:*", "matchCriteriaId": "B7748895-CE00-4BB8-BFCD-A5559BA15869", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:trolltech:qt:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CB2B261-F31A-4EDF-89D5-1648E7698559", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E995A0F0-E1BB-441D-B145-1FB0AF4330DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "A0B868D0-B166-455D-A96F-8530853D83EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F354E5EE-0B83-4960-98DF-9DBBB504C1C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B546D37F-7115-4CA4-8A63-BFCC0B9E1E81", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BA756A7-DE14-40F4-87F6-B3374E88B21A", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EDD3DFD7-307F-4110-A412-D1C56836DF33", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D6D18E6C-5202-4406-AEC8-6477CDA7AE67", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A881DD8-9B96-4581-B39B-7721CBCD5F4A", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:trolltech:qt:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "C314FF87-F182-4ABF-93D4-748EEF47C5FF", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "63829009-5782-4671-8678-2F090CA5520A", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9AA116DA-DA3F-415C-88A7-3E65EAA2089C", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "E9734F0E-6CB9-4C8C-B2D0-21ABA6A22D58", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B28B5A5-98EF-4710-B8B5-D348692046BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "F1539C15-BF9A-43B5-8D29-A3F2C87F92A8", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "A9E9281D-0DB4-491C-AD2B-E7CA77FC7E48", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "5DB7CA86-30F5-48B0-AB47-C4871E16DA10", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "00ED4154-E5B7-49F5-B97F-2B02C82D6B0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "5FC87D43-8E5E-4AD7-8228-345C042EC98F", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "1461D39A-7705-4932-ABA9-4A2869E692F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "1E47B11C-9098-4F39-8BF3-46C95CE63B79", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "00F001C9-E388-437A-8F72-1C1C4D54FB7F", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "8C558DAB-23BD-4076-B839-36B269B97650", "vulnerable": true } ], "negate": false, "operator": 
"OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable." }, { "lang": "es", "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en la funci\u00f3n QUtf8Decoder::toUnicode de Trolltech Qt3 permite a usuarios locales o remotos (dependiendo del contexto) provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante una cadena Unicode manipulada que dispara un desbordamiento de b\u00fafer basado en mont\u00edculo. NOTA: Qt 4 tiene el mismo error en la funci\u00f3n QUtf8Codec::convertToUnicode, pero no es explotable." } ], "id": "CVE-2007-4137", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-09-18T19:17:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc" }, { "source": "secalert@redhat.com", "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472" }, { "source": "secalert@redhat.com", "url": "http://dist.trolltech.com/developer/download/175791_3.diff" }, { "source": "secalert@redhat.com", "url": 
"http://dist.trolltech.com/developer/download/175791_4.diff" }, { "source": "secalert@redhat.com", "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "source": "secalert@redhat.com", "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "source": "secalert@redhat.com", "url": "http://osvdb.org/39384" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26778" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26782" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26804" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26811" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26857" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26868" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26882" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26987" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27053" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27275" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27382" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27996" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28021" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1018688" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm" }, { "source": "secalert@redhat.com", "url": 
"http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2007/dsa-1426" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/25657" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-513-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/3144" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001" }, { "source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-1751" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dist.trolltech.com/developer/download/175791_3.diff" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dist.trolltech.com/developer/download/175791_4.diff" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://osvdb.org/39384" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26778" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26782" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26804" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26857" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26868" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26882" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26987" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27275" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27382" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27996" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018688" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1426" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-513-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3144" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1751" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
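The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692. (Note: the NVD CPE match in the record below uses versionEndIncluding 3.3.3, which flags 3.3.3 itself as affected although the description says "before 3.3.3"; confirm the fixed version against the listed vendor advisories when triaging.)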
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://security.gentoo.org/glsa/glsa-200408-20.xml | Patch, Vendor Advisory | |
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1 | ||
cve@mitre.org | http://www.debian.org/security/2004/dsa-542 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:085 | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2004_27_qt3.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-414.html | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17042 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10883 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200408-20.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-542 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:085 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2004_27_qt3.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-414.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17042 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10883 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:trolltech:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A34F9FC-4968-4A8A-ACCB-2AC2C234EF6C", "versionEndIncluding": "3.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692." }, { "lang": "es", "value": "El procesador GIF en la librer\u00eda QT (qt3) en versi\u00f3nes anteriores a 3.3.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) mediante un fichero de imagen malformado que dispara una desreferencia nula, una vulnerabilidad distinta de CAN-2004-0692." } ], "id": "CVE-2004-0693", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-09-28T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-542" }, { "source": "cve@mitre.org", "url": 
"http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17042" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10883" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-542" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10883" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-08-03 20:17
Modified
2025-04-09 00:30
Severity ?
Summary
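Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message. (Note: the NVD CPE match in the record below ends at versionEndIncluding 3.3.7, so purely version-based matching will not flag 3.3.8 builds older than the 20070727 cut-off named in the description; check the patch level directly on 3.3.8 installs.)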
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc | ||
secalert@redhat.com | http://bugs.gentoo.org/show_bug.cgi?id=185446 | ||
secalert@redhat.com | http://dist.trolltech.com/developer/download/170529.diff | ||
secalert@redhat.com | http://fedoranews.org/updates/FEDORA-2007-221.shtml | ||
secalert@redhat.com | http://fedoranews.org/updates/FEDORA-2007-703.shtml | ||
secalert@redhat.com | http://secunia.com/advisories/24460 | ||
secalert@redhat.com | http://secunia.com/advisories/26264 | ||
secalert@redhat.com | http://secunia.com/advisories/26284 | ||
secalert@redhat.com | http://secunia.com/advisories/26291 | ||
secalert@redhat.com | http://secunia.com/advisories/26295 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/26298 | Patch | |
secalert@redhat.com | http://secunia.com/advisories/26306 | ||
secalert@redhat.com | http://secunia.com/advisories/26385 | ||
secalert@redhat.com | http://secunia.com/advisories/26607 | ||
secalert@redhat.com | http://secunia.com/advisories/26804 | ||
secalert@redhat.com | http://secunia.com/advisories/26852 | ||
secalert@redhat.com | http://secunia.com/advisories/26882 | ||
secalert@redhat.com | http://secunia.com/advisories/27996 | ||
secalert@redhat.com | http://secunia.com/advisories/28021 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200712-08.xml | ||
secalert@redhat.com | http://securitytracker.com/id?1018485 | Patch | |
secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2007-388.htm | ||
secalert@redhat.com | http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960 | Patch | |
secalert@redhat.com | http://www.debian.org/security/2007/dsa-1426 | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200708-16.xml | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200710-28.xml | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:151 | ||
secalert@redhat.com | http://www.novell.com/linux/security/advisories/2007_48_qt3.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0721.html | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/475480/30/5550/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/25154 | Patch | |
secalert@redhat.com | http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.354168 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/usn-495-1 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/2733 | ||
secalert@redhat.com | https://issues.rpath.com/browse/RPL-1597 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690 | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc | ||
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=185446 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://dist.trolltech.com/developer/download/170529.diff | ||
af854a3a-2127-422b-91ae-364da2661108 | http://fedoranews.org/updates/FEDORA-2007-221.shtml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://fedoranews.org/updates/FEDORA-2007-703.shtml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24460 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26264 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26284 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26291 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26295 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26298 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26306 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26385 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26607 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26804 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26852 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26882 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27996 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28021 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200712-08.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1018485 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2007-388.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1426 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200708-16.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200710-28.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:151 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_48_qt3.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0721.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/475480/30/5550/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/25154 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.354168 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-495-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2733 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1597 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:trolltech:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9FE31BA-AE24-4AA0-ABA6-753751C3EFEB", "versionEndIncluding": "3.3.7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de formato de cadena en (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, y (7) qsvgdevice.cpp en QTextEdit de Trolltech Qt 3 versiones anteriores a 3.3.8 20070727 permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante especificadores de formato de cadena, en texto utilizado para componer mensajes de error." 
} ], "id": "CVE-2007-3388", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-08-03T20:17:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc" }, { "source": "secalert@redhat.com", "url": "http://bugs.gentoo.org/show_bug.cgi?id=185446" }, { "source": "secalert@redhat.com", "url": "http://dist.trolltech.com/developer/download/170529.diff" }, { "source": "secalert@redhat.com", "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "source": "secalert@redhat.com", "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24460" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26264" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26284" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26291" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26295" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://secunia.com/advisories/26298" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26306" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26385" }, { "source": "secalert@redhat.com", "url": 
"http://secunia.com/advisories/26607" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26804" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26852" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26882" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27996" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28021" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1018485" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-388.htm" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2007/dsa-1426" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-16.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-28.xml" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:151" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2007_48_qt3.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0721.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/475480/30/5550/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/25154" }, { "source": "secalert@redhat.com", "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.354168" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-495-1" 
}, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2733" }, { "source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-1597" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=185446" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dist.trolltech.com/developer/download/170529.diff" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24460" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26264" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26284" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26295" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://secunia.com/advisories/26298" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26306" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26607" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26804" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26882" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27996" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1018485" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-388.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1426" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-16.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-28.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:151" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_48_qt3.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0721.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/475480/30/5550/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/25154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.354168" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-495-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2733" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1597" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://bugs.gentoo.org/show_bug.cgi?id=75181 | Patch | |
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200503-01.xml | Patch, Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/12695 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=75181 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200503-01.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/12695 | Patch |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:trolltech:qt:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CB2B261-F31A-4EDF-89D5-1648E7698559", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E995A0F0-E1BB-441D-B145-1FB0AF4330DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "A0B868D0-B166-455D-A96F-8530853D83EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F354E5EE-0B83-4960-98DF-9DBBB504C1C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B546D37F-7115-4CA4-8A63-BFCC0B9E1E81", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BA756A7-DE14-40F4-87F6-B3374E88B21A", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EDD3DFD7-307F-4110-A412-D1C56836DF33", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D6D18E6C-5202-4406-AEC8-6477CDA7AE67", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A881DD8-9B96-4581-B39B-7721CBCD5F4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "C314FF87-F182-4ABF-93D4-748EEF47C5FF", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "63829009-5782-4671-8678-2F090CA5520A", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9AA116DA-DA3F-415C-88A7-3E65EAA2089C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment 
variable, which allows local users to execute arbitrary programs." } ], "id": "CVE-2005-0627", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-05-02T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=75181" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-01.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/12695" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=75181" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-01.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/12695" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
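The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693. Note: the NVD configuration in this record marks versions up to and including 3.3.3 as affected (versionEndIncluding 3.3.3), which does not match "before 3.3.3"; confirm the fixed release against the vendor advisories under References before relying on either bound.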
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://marc.info/?l=bugtraq&m=110979666528890&w=2 | ||
cve@mitre.org | http://security.gentoo.org/glsa/glsa-200408-20.xml | Patch, Vendor Advisory | |
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1 | ||
cve@mitre.org | http://www.debian.org/security/2004/dsa-542 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:085 | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2004_27_qt3.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-414.html | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17041 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10327 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=110979666528890&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200408-20.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-542 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:085 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2004_27_qt3.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-414.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17041 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10327 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:trolltech:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A34F9FC-4968-4A8A-ACCB-2AC2C234EF6C", "versionEndIncluding": "3.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693." }, { "lang": "es", "value": "El procesador XPM en la librer\u00eda QT (qt3) en versi\u00f3nes anteriores a 3.3.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) mediante un fichero de imagen malformado que dispara una desreferencia nula, una vulnerabilidad distinta de CAN-2004-0693." } ], "id": "CVE-2004-0692", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-09-28T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110979666528890\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "source": "cve@mitre.org", "url": 
"http://www.debian.org/security/2004/dsa-542" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17041" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10327" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110979666528890\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-542" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10327" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
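Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. Note: the NVD configuration in this record marks versions up to and including 3.3.3 as affected (versionEndIncluding 3.3.3), which does not match "before 3.3.3"; confirm the fixed release against the vendor advisories under References before relying on either bound.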
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://marc.info/?l=bugtraq&m=109295309008309&w=2 | ||
cve@mitre.org | http://security.gentoo.org/glsa/glsa-200408-20.xml | Patch, Vendor Advisory | |
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1 | ||
cve@mitre.org | http://www.debian.org/security/2004/dsa-542 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:085 | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2004_27_qt3.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-414.html | Patch, Vendor Advisory | |
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17040 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9485 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109295309008309&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200408-20.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-542 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:085 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2004_27_qt3.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-414.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17040 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9485 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:trolltech:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A34F9FC-4968-4A8A-ACCB-2AC2C234EF6C", "versionEndIncluding": "3.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en el mont\u00f3n en el procesador de formato de imagen BMP de la librer\u00eda QT (qt3) anteriores a 3.3.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n." } ], "id": "CVE-2004-0691", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-09-28T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109295309008309\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-542" }, { 
"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17040" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9485" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109295309008309\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200408-20.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-542" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:085" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_27_qt3.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-414.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9485" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }