9 results (0.023 seconds)

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2007-5965

https://notcve.org/view.php?id=CVE-2007-5965

QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verify SSL certificates, which might make it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service, or trick a service into accepting an invalid client certificate for a user. QSslSocket de Trolltech Qt 4.3.0 hasta 4.3.2 no verifica apropiadamente certificados SSL, lo cual facilita a atacantes remotos engañar a un usuario para que acepte un certificado de servidor inválido para un servicio suplantado, ó engañar a un servicio a aceptar un certificado cliente inválido de un usuario. • http://secunia.com/advisories/28228 http://secunia.com/advisories/28321 http://secunia.com/advisories/28636 http://secunia.com/advisories/28999 http://trolltech.com/company/newsroom/announcements/press.2007-12-21.2182567220 http://www.mandriva.com/security/advisories?name=MDVSA-2008:042 http://www.novell.com/linux/security/advisories/suse_security_summary_report.html http://www.securityfocus.com/bid/27112 http://www.ubuntu.com/usn/usn-579-1 http://www.vupen.com/english/advisories • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 1%CPEs: 65EXPL: 0

CVE-2007-4137 – QT off by one buffer overflow

https://notcve.org/view.php?id=CVE-2007-4137

Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. Error de superación de límite (off-by-one) en la función QUtf8Decoder::toUnicode de Trolltech Qt3 permite a usuarios locales o remotos (dependiendo del contexto) provocar una denegación de servicio (caída) mediante una cadena Unicode manipulada que dispara un desbordamiento de búfer basado en montículo. NOTA: Qt 4 tiene el mismo error en la función QUtf8Codec::convertToUnicode, pero no es explotable. • ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc http://bugs.gentoo.org/show_bug.cgi?id=192472 http://dist.trolltech.com/developer/download/175791_3.diff http://dist.trolltech.com/developer/download/175791_4.diff http://fedoranews.org/updates/FEDORA-2007-221.shtml http://fedoranews.org/updates/FEDORA-2007-703.shtml http://osvdb.org/39384 http://secunia.com/advisories/26778 http://secunia.com/advisories/26782 http://secunia.com/advisories/26804 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error •

CVSS: 6.8EPSS: 14%CPEs: 1EXPL: 0

CVE-2007-3388 – qt3 format string flaw

https://notcve.org/view.php?id=CVE-2007-3388

Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message. Múltiples vulnerabilidades de formato de cadena en (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, y (7) qsvgdevice.cpp en QTextEdit de Trolltech Qt 3 versiones anteriores a 3.3.8 20070727 permiten a atacantes remotos ejecutar código de su elección mediante especificadores de formato de cadena, en texto utilizado para componer mensajes de error. • ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc http://bugs.gentoo.org/show_bug.cgi?id=185446 http://dist.trolltech.com/developer/download/170529.diff http://fedoranews.org/updates/FEDORA-2007-221.shtml http://fedoranews.org/updates/FEDORA-2007-703.shtml http://secunia.com/advisories/24460 http://secunia.com/advisories/26264 http://secunia.com/advisories/26284 http://secunia.com/advisories/26291 http://secunia.com/advisories/26295 http://secunia.com& •

CVSS: 4.6EPSS: 0%CPEs: 12EXPL: 0

CVE-2005-0627

https://notcve.org/view.php?id=CVE-2005-0627

Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs. • http://bugs.gentoo.org/show_bug.cgi?id=75181 http://www.gentoo.org/security/en/glsa/glsa-200503-01.xml http://www.securityfocus.com/bid/12695 •

CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 0

CVE-2004-0692

https://notcve.org/view.php?id=CVE-2004-0692

The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693. El procesador XPM en la librería QT (qt3) en versiónes anteriores a 3.3.3 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante un fichero de imagen malformado que dispara una desreferencia nula, una vulnerabilidad distinta de CAN-2004-0693. • http://marc.info/?l=bugtraq&m=110979666528890&w=2 http://security.gentoo.org/glsa/glsa-200408-20.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1 http://www.debian.org/security/2004/dsa-542 http://www.mandriva.com/security/advisories?name=MDKSA-2004:085 http://www.novell.com/linux/security/advisories/2004_27_qt3.html http://www.redhat.com/support/errata/RHSA-2004-414.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17041 https://oval.cisecur •