19 matches found
Oracle Linux 5 : Important: / qt (ELSA-2007-0883)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0883 advisory. 3.3.6-23 - Resolves: 277011, Qt UTF8 improper character expansion, CVE-2007-0242 - Resolves: 269141, Qt off by one buffer overflow, CVE-2007-413 Tenabl...
Scientific Linux Security Update : qt4 on SL5.x i386/x86_64
Qt 4 is a software toolkit that simplifies the task of writing and maintaining GUI Graphical User Interface applications for the X Window System. HarfBuzz is an OpenType text shaping engine. A flaw in the way Qt 4 expanded certain UTF-8 characters could be used to prevent a Qt 4 based application...
Scientific Linux Security Update : qt on SL5.x, SL4.x, SL3.x i386/x86_64
A flaw was found in the way Qt expanded certain UTF8 characters. It was possible to prevent a Qt-based application from properly sanitizing user supplied input. This could, for example, result in a cross-site scripting attack against the Konqueror web browser. CVE-2007-0242 A buffer overflow flaw...
Scientific Linux Security Update : kdelibs on SL5.x, SL4.x i386/x86_64
Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. CVE-2007-0242, CVE-2007-0537 A flaw was found in KDE JavaScript implementation. A web page containing...
CentOS Update for qt4 CESA-2011:1324 centos5 x86_64
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for qt4 CESA-2011:1324 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
RHEL 5 : qt4 (RHSA-2011:1324)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1324 advisory. Qt 4 is a software toolkit that simplifies the task of writing and maintaining GUI Graphical User Interface applications for the X Window...
CentOS 5 : qt4 (CESA-2011:1324)
Updated qt4 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...
SLES9: Security update for Qt3
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: qt3-devel qt3 qt3-non-mt For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 50132...
Ubuntu: Security Advisory (USN-452-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for qt FEDORA-2007-703
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE 10 Security Update : Qt (ZYPP Patch Number 3047)
qt wongly accepts overly long UTF-8 sequences due to a bug in the UTF-8 decoder. This may lead to security problems unter certain circumstances. The bug for example allows for script tag injection in konqueror. CVE-2007-0242 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text descriptio...
SuSE 10 Security Update : Qt3 (ZYPP Patch Number 3052)
qt wrongly accepts overly long UTF-8 sequences due to a bug in the UTF-8 decoder. This may lead to security problems unter certain circumstances. The bug for example allows for script tag injection in konqueror. CVE-2007-0242 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text descripti...
openSUSE 10 Security Update : qt (qt-3050)
qt wrongly accepts overly long UTF-8 sequences due to a bug in the UTF-8 decoder. This may lead to security problems unter certain circumstances. The bug for example allows for script tag injection in konqueror CVE-2007-0242. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...
openSUSE 10 Security Update : libqt4 (libqt4-3056)
qt wrongly accepts overly long UTF-8 sequences due to a bug in the UTF-8 decoder. This may lead to security problems unter certain circumstances. The bug for example allows for script tag injection in konqueror CVE-2007-0242. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...
Fedora Core 6 : qt-3.3.8-2.fc6 (2007-703)
Mon Sep 17 2007 Than Ngo - 1:3.3.8-2.fc6 - bz292951, CVE-2007-4137 - Wed Aug 29 2007 Than Ngo - 1:3.3.8-1.fc6.1 - CVE-2007-3388 qt format string flaw - bz234635, CVE-2007-0242 qt UTF8 improper character expansion Note that Tenable Network Security has extracted the preceding description block...
Slackware 10.2 / 11.0 / current : qt (SSA:2007-093-03)
New qt packages are available for Slackware 10.2, 11.0, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2007-093-03. The text itself is copyright C...
[slackware-security] qt
New qt packages are available for Slackware 10.2, 11.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-0242 Here are the details from the Slackware 11.0 ChangeLog:...
CVE-2007-0242
CVE-2007-0242 affects Qt 3.3.8 and 4.2.3 where the UTF-8 decoder in codecs/qutfcodec.cpp does not reject overlong UTF-8 sequences as required by the standard. This allows remote attackers to perform cross-site scripting (XSS) and directory traversal by sending long sequences that decode to danger...