Computer Security

Qt library buffer overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Qt library buffer overflow
Published:14.09.2007
Source:FULL-DISCLOSURE
SecurityVulns ID:8153
Type:library
Level:5/10
Description:Buffer overflow on Unicode strings parsing.
Affected:QT : qt 3.3
 QT : qt 4.1
CVE:CVE-2007-4137 (Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.)
Original documentdocumentMANDRIVA, [Full-disclosure] [ MDKSA-2007:183 ] - Updated qt3/qt4 packages fix vulnerability (14.09.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server