Vulnerabilities > Trolltech
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-01-08 | CVE-2007-5965 | Permissions, Privileges, and Access Controls vulnerability in Trolltech Qsslsocket 4.3.0/4.3.1/4.3.2 QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verify SSL certificates, which might make it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service, or trick a service into accepting an invalid client certificate for a user. | 4.3 |
2007-08-03 | CVE-2007-3388 | Format String vulnerability in Trolltech Qt QTextEdit Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message. network trolltech | 6.8 |
2005-05-02 | CVE-2005-0627 | Local Code Execution vulnerability in Trolltech QT Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs. | 4.6 |
2004-09-28 | CVE-2004-0693 | Unspecified vulnerability in Trolltech QT The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692. | 5.0 |
2004-09-28 | CVE-2004-0692 | Unspecified vulnerability in Trolltech QT The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693. | 5.0 |
2004-09-28 | CVE-2004-0691 | Unspecified vulnerability in Trolltech QT Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. | 7.5 |
2002-12-31 | CVE-2002-1883 | Unspecified vulnerability in Trolltech QT Assistant 1.0 Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service. | 6.4 |
2001-08-13 | CVE-2001-1113 | Buffer Overflow vulnerability in TrollFTPD Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command. | 10.0 |