Lucene search

Veracode Vulnerability DatabaseVERACODE:23133

HistoryApr 10, 2020 - 12:17 a.m.

Arbitrary Code Execution

2020-04-1000:17:14

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON

qt is vulnerable to arbitrary code execution. Several format string flaws were found in Qt error message handling. If an application linked against Qt created an error message from user supplied data in a certain way, it could lead to a denial of service or possibly allow the execution of arbitrary code.

CPENameOperatorVersion
qteq3.3.6__20.el5
qteq3.3.6__20.el5

CPE	Name	Operator	Version
	qt	eq	3.3.6__20.el5
	qt	eq	3.3.6__20.el5

References

bugs.gentoo.org/show_bug.cgi?id=185446

dist.trolltech.com/developer/download/170529.diff

fedoranews.org/updates/FEDORA-2007-221.shtml

fedoranews.org/updates/FEDORA-2007-703.shtml

ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc

secunia.com/advisories/24460

secunia.com/advisories/26264

secunia.com/advisories/26284

secunia.com/advisories/26291

secunia.com/advisories/26295

secunia.com/advisories/26298

secunia.com/advisories/26306

secunia.com/advisories/26385

secunia.com/advisories/26607

secunia.com/advisories/26804

secunia.com/advisories/26852

secunia.com/advisories/26882

secunia.com/advisories/27996

secunia.com/advisories/28021

security.gentoo.org/glsa/glsa-200712-08.xml

securitytracker.com/id?1018485

support.avaya.com/elmodocs2/security/ASA-2007-388.htm

trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960

www.debian.org/security/2007/dsa-1426

www.gentoo.org/security/en/glsa/glsa-200708-16.xml

www.gentoo.org/security/en/glsa/glsa-200710-28.xml

www.mandriva.com/security/advisories?name=MDKSA-2007:151

www.novell.com/linux/security/advisories/2007_48_qt3.html

www.redhat.com/security/updates/classification/#moderate

www.redhat.com/support/errata/RHSA-2007-0721.html

www.securityfocus.com/archive/1/475480/30/5550/threaded

www.securityfocus.com/bid/25154

www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.354168

www.ubuntu.com/usn/usn-495-1

www.vupen.com/english/advisories/2007/2733

access.redhat.com/errata/RHSA-2007:0721

issues.rpath.com/browse/RPL-1597

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON

Related for VERACODE:23133