cbcvebase.

Trolltech Qt vulnerabilities

6 known vulnerabilities affecting trolltech/qt.

Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2004-0691P3HIGHCVSS 7.5PoC≤ 3.3.32004-09-28
CVE-2004-0691 [HIGH] CVE-2004-0691: Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allo Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
nvd
CVE-2007-3388P3MEDIUMCVSS 6.8≤ 3.3.72007-08-03
CVE-2007-3388 [MEDIUM] CVE-2007-3388: Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cp Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message.
nvd
CVE-2007-4137P4HIGHCVSS 7.5v3.0v3.0.3+21 more2007-09-18
CVE-2007-4137 [HIGH] CWE-119 CVE-2007-4137: Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
nvd
CVE-2005-0627P4MEDIUMCVSS 4.6v3.0v3.0.3+10 more2005-05-02
CVE-2005-0627 [MEDIUM] CVE-2005-0627: Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared l Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs.
nvd
CVE-2004-0692P4MEDIUMCVSS 5.0≤ 3.3.32004-09-28
CVE-2004-0692 [MEDIUM] CVE-2004-0692: The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of ser The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693.
nvd
CVE-2004-0693P4MEDIUMCVSS 5.0≤ 3.3.32004-09-28
CVE-2004-0693 [MEDIUM] CVE-2004-0693: The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of ser The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692.
nvd
Trolltech Qt vulnerabilities | cvebase