Back to search
CVE-2007-4137
Published: Sep 18, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://bugs.gentoo.org/show_bug.cgi?id=192472
x_refsource_CONFIRM
MDKSA-2007:183
vendor-advisory
x_refsource_MANDRIVA
SUSE-SR:2007:019
vendor-advisory
x_refsource_SUSE
26868
third-party-advisory
x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm
x_refsource_CONFIRM
https://issues.rpath.com/browse/RPL-1751
x_refsource_CONFIRM
26811
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:11159
vdb-entry
signature
x_refsource_OVAL
27053
third-party-advisory
x_refsource_SECUNIA
27996
third-party-advisory
x_refsource_SECUNIA
27275
third-party-advisory
x_refsource_SECUNIA
27382
third-party-advisory
x_refsource_SECUNIA
26857
third-party-advisory
x_refsource_SECUNIA
26778
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=269001
x_refsource_MISC
26882
third-party-advisory
x_refsource_SECUNIA
26987
third-party-advisory
x_refsource_SECUNIA
GLSA-200710-28
vendor-advisory
x_refsource_GENTOO
ADV-2007-3144
vdb-entry
x_refsource_VUPEN
http://dist.trolltech.com/developer/download/175791_4.diff
x_refsource_MISC
39384
vdb-entry
x_refsource_OSVDB
26804
third-party-advisory
x_refsource_SECUNIA
26782
third-party-advisory
x_refsource_SECUNIA
http://dist.trolltech.com/developer/download/175791_3.diff
x_refsource_MISC
FEDORA-2007-703
vendor-advisory
x_refsource_FEDORA
FEDORA-2007-2216
vendor-advisory
x_refsource_FEDORA
GLSA-200712-08
vendor-advisory
x_refsource_GENTOO
28021
third-party-advisory
x_refsource_SECUNIA
RHSA-2007:0883
vendor-advisory
x_refsource_REDHAT
1018688
vdb-entry
x_refsource_SECTRACK
20071004 FLEA-2007-0059-1 qt qt-tools
mailing-list
x_refsource_BUGTRAQ
USN-513-1
vendor-advisory
x_refsource_UBUNTU
25657
vdb-entry
x_refsource_BID
DSA-1426
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now