CVSS: 7.5EPSS: 1%CPEs: 65EXPL: 0CVE-2007-4137 – QT off by one buffer overflow
https://notcve.org/view.php?id=CVE-2007-4137
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. Error de superación de límite (off-by-one) en la función QUtf8Decoder::toUnicode de Trolltech Qt3 permite a usuarios locales o remotos (dependiendo del contexto) provocar una denegación de servicio (caída) mediante una cadena Unicode manipulada que dispara un desbordamiento de búfer basado en montículo. NOTA: Qt 4 tiene el mismo error en la función QUtf8Codec::convertToUnicode, pero no es explotable. • ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc http://bugs.gentoo.org/show_bug.cgi?id=192472 http://dist.trolltech.com/developer/download/175791_3.diff http://dist.trolltech.com/developer/download/175791_4.diff http://fedoranews.org/updates/FEDORA-2007-221.shtml http://fedoranews.org/updates/FEDORA-2007-703.shtml http://osvdb.org/39384 http://secunia.com/advisories/26778 http://secunia.com/advisories/26782 http://secunia.com/advisories/26804 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error •
CVSS: 6.8EPSS: 14%CPEs: 1EXPL: 0CVE-2007-3388 – qt3 format string flaw
https://notcve.org/view.php?id=CVE-2007-3388
Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message. Múltiples vulnerabilidades de formato de cadena en (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, y (7) qsvgdevice.cpp en QTextEdit de Trolltech Qt 3 versiones anteriores a 3.3.8 20070727 permiten a atacantes remotos ejecutar código de su elección mediante especificadores de formato de cadena, en texto utilizado para componer mensajes de error. • ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc http://bugs.gentoo.org/show_bug.cgi?id=185446 http://dist.trolltech.com/developer/download/170529.diff http://fedoranews.org/updates/FEDORA-2007-221.shtml http://fedoranews.org/updates/FEDORA-2007-703.shtml http://secunia.com/advisories/24460 http://secunia.com/advisories/26264 http://secunia.com/advisories/26284 http://secunia.com/advisories/26291 http://secunia.com/advisories/26295 http://secunia.com& •
CVSS: 4.6EPSS: 0%CPEs: 12EXPL: 0CVE-2005-0627
https://notcve.org/view.php?id=CVE-2005-0627
Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs. • http://bugs.gentoo.org/show_bug.cgi?id=75181 http://www.gentoo.org/security/en/glsa/glsa-200503-01.xml http://www.securityfocus.com/bid/12695 •
CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 0CVE-2004-0692
https://notcve.org/view.php?id=CVE-2004-0692
The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693. El procesador XPM en la librería QT (qt3) en versiónes anteriores a 3.3.3 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante un fichero de imagen malformado que dispara una desreferencia nula, una vulnerabilidad distinta de CAN-2004-0693. • http://marc.info/?l=bugtraq&m=110979666528890&w=2 http://security.gentoo.org/glsa/glsa-200408-20.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1 http://www.debian.org/security/2004/dsa-542 http://www.mandriva.com/security/advisories?name=MDKSA-2004:085 http://www.novell.com/linux/security/advisories/2004_27_qt3.html http://www.redhat.com/support/errata/RHSA-2004-414.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17041 https://oval.cisecur •
CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 0CVE-2004-0693
https://notcve.org/view.php?id=CVE-2004-0693
The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692. El procesador GIF en la librería QT (qt3) en versiónes anteriores a 3.3.3 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante un fichero de imagen malformado que dispara una desreferencia nula, una vulnerabilidad distinta de CAN-2004-0692. • http://security.gentoo.org/glsa/glsa-200408-20.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-201610-1 http://www.debian.org/security/2004/dsa-542 http://www.mandriva.com/security/advisories?name=MDKSA-2004:085 http://www.novell.com/linux/security/advisories/2004_27_qt3.html http://www.redhat.com/support/errata/RHSA-2004-414.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17042 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3A •