6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
qt is vulnerable to arbitrary code execution. Several format string flaws were found in Qt error message handling. If an application linked against Qt created an error message from user supplied data in a certain way, it could lead to a denial of service or possibly allow the execution of arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
qt | eq | 3.3.6__20.el5 | |
qt | eq | 3.3.6__20.el5 |
bugs.gentoo.org/show_bug.cgi?id=185446
dist.trolltech.com/developer/download/170529.diff
fedoranews.org/updates/FEDORA-2007-221.shtml
fedoranews.org/updates/FEDORA-2007-703.shtml
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc
secunia.com/advisories/24460
secunia.com/advisories/26264
secunia.com/advisories/26284
secunia.com/advisories/26291
secunia.com/advisories/26295
secunia.com/advisories/26298
secunia.com/advisories/26306
secunia.com/advisories/26385
secunia.com/advisories/26607
secunia.com/advisories/26804
secunia.com/advisories/26852
secunia.com/advisories/26882
secunia.com/advisories/27996
secunia.com/advisories/28021
security.gentoo.org/glsa/glsa-200712-08.xml
securitytracker.com/id?1018485
support.avaya.com/elmodocs2/security/ASA-2007-388.htm
trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960
www.debian.org/security/2007/dsa-1426
www.gentoo.org/security/en/glsa/glsa-200708-16.xml
www.gentoo.org/security/en/glsa/glsa-200710-28.xml
www.mandriva.com/security/advisories?name=MDKSA-2007:151
www.novell.com/linux/security/advisories/2007_48_qt3.html
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2007-0721.html
www.securityfocus.com/archive/1/475480/30/5550/threaded
www.securityfocus.com/bid/25154
www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.354168
www.ubuntu.com/usn/usn-495-1
www.vupen.com/english/advisories/2007/2733
access.redhat.com/errata/RHSA-2007:0721
issues.rpath.com/browse/RPL-1597
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690