5.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.6%
Richard J. Moore and Peter Hartmann discovered that Qt allowed redirecting
requests from http to file schemes. If an attacker were able to perform a
machine-in-the-middle attack, this flaw could be exploited to view sensitive
information. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS,
and Ubuntu 12.10. (CVE-2012-5624)
Stephen Cheng discovered that Qt may report incorrect errors when ssl
certificate verification fails. (CVE-2012-6093)
Tim Brown and Mark Lowe discovered that Qt incorrectly used weak
permissions on shared memory segments. A local attacker could use this
issue to view sensitive information, or modify program data belonging to
other users. (CVE-2013-0254)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 12.10 | noarch | libqt4-core | < 4:4.8.3+dfsg-0ubuntu3.1 | UNKNOWN |
Ubuntu | 12.10 | noarch | libqt4-assistant | < 4:4.8.3+dfsg-0ubuntu3.1 | UNKNOWN |
Ubuntu | 12.10 | noarch | libqt4-dbg | < 4:4.8.3+dfsg-0ubuntu3.1 | UNKNOWN |
Ubuntu | 12.10 | noarch | libqt4-dbus | < 4:4.8.3+dfsg-0ubuntu3.1 | UNKNOWN |
Ubuntu | 12.10 | noarch | libqt4-declarative | < 4:4.8.3+dfsg-0ubuntu3.1 | UNKNOWN |
Ubuntu | 12.10 | noarch | libqt4-declarative-folderlistmodel | < 4:4.8.3+dfsg-0ubuntu3.1 | UNKNOWN |
Ubuntu | 12.10 | noarch | libqt4-declarative-gestures | < 4:4.8.3+dfsg-0ubuntu3.1 | UNKNOWN |
Ubuntu | 12.10 | noarch | libqt4-declarative-particles | < 4:4.8.3+dfsg-0ubuntu3.1 | UNKNOWN |
Ubuntu | 12.10 | noarch | libqt4-declarative-shaders | < 4:4.8.3+dfsg-0ubuntu3.1 | UNKNOWN |
Ubuntu | 12.10 | noarch | libqt4-designer | < 4:4.8.3+dfsg-0ubuntu3.1 | UNKNOWN |