
Test ID:
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2007:0883

The remote host is missing updates announced in
advisory RHSA-2007:0883.

Qt is a software toolkit that simplifies the task of writing and
maintaining GUI (Graphical User Interface) applications for the X Window

A flaw was found in the way Qt expanded certain UTF8 characters. It was
possible to prevent a Qt-based application from properly sanitizing user
supplied input. This could, for example, result in a cross-site scripting
attack against the Konqueror web browser. (CVE-2007-0242)

A buffer overflow flaw was found in the way Qt expanded malformed Unicode
strings. If an application linked against Qt parsed a malicious Unicode
string, it could lead to a denial of service or possibly allow the
execution of arbitrary code. (CVE-2007-4137)

Users of Qt should upgrade to these updated packages, which contain a
backported patch to correct these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : High

CVSS Score:

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2007-0242
BugTraq ID: 23269
Debian Security Information: DSA-1292
RedHat Security Advisories: RHSA-2011:1324
SGI Security Advisory: 20070901-01-P
SuSE Security Announcement: SUSE-SR:2007:006
XForce ISS Database: qt-utf8-xss(33397)
Common Vulnerability Exposure (CVE) ID: CVE-2007-4137
BugTraq ID: 25657
Bugtraq: 20071004 FLEA-2007-0059-1 qt qt-tools
Debian Security Information: DSA-1426
SuSE Security Announcement: SUSE-SR:2007:019

Copyright (c) 2007 E-Soft Inc.
