CVE-2007-4137
Published Sep 18, 2007
Last updated a year ago
Overview
- Description
- Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE"
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180"
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "492EA1BE-E678-4300-A690-3BFCD4B233B2"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C4B5DD1C-BFF6-4247-B684-A7C3D8F60745"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4E3C9031-F69A-4B6A-A8CB-39027174AA01"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "327FEE54-79EC-4B5E-B838-F3C61FCDF48E"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "056C1C15-D110-4309-A9A6-41BD753FE4F2"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "08392974-5AC1-4B12-893F-3F733EF05F80"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3AA8F2EC-55E9-4529-A816-B5D495605F6B"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client_workstation:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "28FBE982-794E-4C22-B5EE-F48269282C32"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41"
},
{
"criteria": "cpe:2.3:o:redhat:linux:2.1:*:aw_itanium:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6B34B4FF-A596-4B1E-8DA7-40B3498147EA"
},
{
"criteria": "cpe:2.3:o:redhat:linux:3.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CBBA00E3-1147-4E6F-BE93-92494285F88F"
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:amd64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7BD79C43-2615-47DE-A100-D21482D866F4"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:i386:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1856594D-7D84-4830-A8A7-2C9D4C2D61FD"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:powerpc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0B20DDF0-2FAB-4EB0-B62D-2351514B2808"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:sparc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B7748895-CE00-4BB8-BFCD-A5559BA15869"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trolltech:qt:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9CB2B261-F31A-4EDF-89D5-1648E7698559"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E995A0F0-E1BB-441D-B145-1FB0AF4330DB"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0B868D0-B166-455D-A96F-8530853D83EE"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F354E5EE-0B83-4960-98DF-9DBBB504C1C1"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B546D37F-7115-4CA4-8A63-BFCC0B9E1E81"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BA756A7-DE14-40F4-87F6-B3374E88B21A"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDD3DFD7-307F-4110-A412-D1C56836DF33"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6D18E6C-5202-4406-AEC8-6477CDA7AE67"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A881DD8-9B96-4581-B39B-7721CBCD5F4A"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C314FF87-F182-4ABF-93D4-748EEF47C5FF"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63829009-5782-4671-8678-2F090CA5520A"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9AA116DA-DA3F-415C-88A7-3E65EAA2089C"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9734F0E-6CB9-4C8C-B2D0-21ABA6A22D58"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B28B5A5-98EF-4710-B8B5-D348692046BC"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1539C15-BF9A-43B5-8D29-A3F2C87F92A8"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9E9281D-0DB4-491C-AD2B-E7CA77FC7E48"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:3.3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5DB7CA86-30F5-48B0-AB47-C4871E16DA10"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00ED4154-E5B7-49F5-B97F-2B02C82D6B0E"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:4.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FC87D43-8E5E-4AD7-8228-345C042EC98F"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:4.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1461D39A-7705-4932-ABA9-4A2869E692F2"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E47B11C-9098-4F39-8BF3-46C95CE63B79"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:4.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00F001C9-E388-437A-8F72-1C1C4D54FB7F"
},
{
"criteria": "cpe:2.3:a:trolltech:qt:4.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C558DAB-23BD-4076-B839-36B269B97650"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]