6 matches found
CVE-2004-0691
The CVE describes a heap-based overflow in the BMP image parser of the Qt3 library (qt3) prior to version 3.3.3. This affects the BMP parsing path and can be triggered remotely through network inputs, potentially crashing the application and possibly allowing arbitrary code execution. A fix is av...
CVE-2004-0693
CVE-2004-0693 concerns the GIF parser in the QT library (qt3) prior to 3.3.3. A malformed GIF image can trigger a null dereference, allowing a remote attacker to cause an application crash (DoS). Affected component: qt3 GIF parser; root cause: null dereference when parsing crafted GIFs; impact: d...
CVE-2007-3388
CVE-2007-3388 affects Trolltech Qt 3 (Qt X11-free) with multiple format-string vulnerabilities in QTextEdit components (qtextedit.cpp, qdatatable.cpp, qsql*.cpp, qglobal.cpp, qsvgdevice.cpp) that could allow remote code execution via error-message text. Affected versions are Qt 3 prior to 3.3.8 (...
CVE-2007-4137
The CVE-2007-4137 issue is an off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3, causing a heap-based buffer overflow that can lead to a denial of service via a crafted Unicode string. Qt 4 reportedly has a similar error in QUtf8Codec::convertToUnicode, but it is not expl...
CVE-2004-0692
CVE-2004-0692 is a denial-of-service vulnerability in the XPM image parser of the Qt3 library prior to 3.3.3. The issue arises from a malformed image file that triggers a null dereference, causing the application to crash. Affected products/contexts include Qt3 deployments (Qt3 library) used by L...
CVE-2005-0627
CVE-2005-0627 (Qt) : Qt before 3.3.4 searches the BUILD_PREFIX directory, which can be world-writable, to load shared libraries, effectively bypassing LD_LIBRARY_PATH and enabling a local user to execute arbitrary code. Affected product/versions: Qt up to 3.3.x prior to 3.3.4. Impact: local privi...