Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2011:1324
The remote host is missing updates announced in
advisory RHSA-2011:1324.

Qt 4 is a software toolkit that simplifies the task of writing and
maintaining GUI (Graphical User Interface) applications for the X Window
System. HarfBuzz is an OpenType text shaping engine.

A flaw in the way Qt 4 expanded certain UTF-8 characters could be used to
prevent a Qt 4 based application from properly sanitizing user input.
Depending on the application, this could allow an attacker to perform
directory traversal, or for web applications, a cross-site scripting (XSS)
attack. (CVE-2007-0242)

A buffer overflow flaw was found in the harfbuzz module in Qt 4. If a user
loaded a specially-crafted font file with an application linked against Qt
4, it could cause the application to crash or, possibly, execute arbitrary
code with the privileges of the user running the application.

Users of Qt 4 should upgrade to these updated packages, which contain
backported patches to correct these issues. All running applications linked
against Qt 4 libraries must be restarted for this update to take effect.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Medium

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-0242
BugTraq ID: 23269
Debian Security Information: DSA-1292 (Google Search)
RedHat Security Advisories: RHSA-2011:1324
SGI Security Advisory: 20070901-01-P
SuSE Security Announcement: SUSE-SR:2007:006 (Google Search)
XForce ISS Database: qt-utf8-xss(33397)
Common Vulnerability Exposure (CVE) ID: CVE-2011-3193
BugTraq ID: 49723
RedHat Security Advisories: RHSA-2011:1323
RedHat Security Advisories: RHSA-2011:1325
RedHat Security Advisories: RHSA-2011:1326
RedHat Security Advisories: RHSA-2011:1327
RedHat Security Advisories: RHSA-2011:1328
SuSE Security Announcement: SUSE-SU-2011:1113 (Google Search)
SuSE Security Announcement: openSUSE-SU-2011:1119 (Google Search)
SuSE Security Announcement: openSUSE-SU-2011:1120 (Google Search)
XForce ISS Database: pango-harfbuzz-bo(69991)
CopyrightCopyright (c) 2011 E-Soft Inc.

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.