CVE-2007-3388
qt3 format string flaw
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message.
Múltiples vulnerabilidades de formato de cadena en (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, y (7) qsvgdevice.cpp en QTextEdit de Trolltech Qt 3 versiones anteriores a 3.3.8 20070727 permiten a atacantes remotos ejecutar código de su elección mediante especificadores de formato de cadena, en texto utilizado para componer mensajes de error.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-06-25 CVE Reserved
- 2007-08-03 CVE Published
- 2024-07-14 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (38)
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/26298 | 2018-10-16 | |
http://securitytracker.com/id?1018485 | 2018-10-16 | |
http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960 | 2018-10-16 | |
http://www.securityfocus.com/bid/25154 | 2018-10-16 |