CVE-2007-0242

Impact: Moderate
Public Date: 2007-03-29
Bugzilla: 234633: CVE-2007-0242 QT UTF8 improper character expansion

The MITRE CVE dictionary describes this issue as:

The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.
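
The check that the description says was missing, as an added example (not Qt's code and not the vendor patch): a decoder that enforces the minimum code point for each sequence length, shown beside a lenient mode that skips it. The function names and the sample byte strings are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Decode one UTF-8 sequence from s[0..n). Returns the number of bytes consumed,
// or 0 if the sequence is malformed. With strict == false the shortest-form
// check is skipped, modelling a decoder that accepts overlong sequences.
static size_t decode_utf8(const unsigned char *s, size_t n, bool strict, uint32_t *out) {
    if (n == 0) return 0;
    unsigned char b = s[0];
    if (b < 0x80) { *out = b; return 1; }           // plain ASCII
    size_t len; uint32_t cp, min;
    if ((b & 0xE0) == 0xC0)      { len = 2; cp = b & 0x1F; min = 0x80; }
    else if ((b & 0xF0) == 0xE0) { len = 3; cp = b & 0x0F; min = 0x800; }
    else if ((b & 0xF8) == 0xF0) { len = 4; cp = b & 0x07; min = 0x10000; }
    else return 0;                                  // stray continuation or invalid lead byte
    if (n < len) return 0;                          // truncated sequence
    for (size_t i = 1; i < len; ++i) {
        if ((s[i] & 0xC0) != 0x80) return 0;        // not a continuation byte
        cp = (cp << 6) | (s[i] & 0x3F);
    }
    if (strict) {
        if (cp < min) return 0;                     // overlong: a shorter form exists
        if (cp >= 0xD800 && cp <= 0xDFFF) return 0; // UTF-16 surrogate range
        if (cp > 0x10FFFF) return 0;                // beyond the Unicode range
    }
    *out = cp;
    return len;
}

// True only if the whole buffer is well-formed, shortest-form UTF-8.
static bool is_strict_utf8(const unsigned char *s, size_t n) {
    while (n > 0) {
        uint32_t cp;
        size_t k = decode_utf8(s, n, true, &cp);
        if (k == 0) return false;
        s += k; n -= k;
    }
    return true;
}

// Constructed samples: a two-byte overlong form of '/' and a valid U+00E9.
static const unsigned char kOverlongSlash[] = {0xC0, 0xAF};
static const unsigned char kEAcute[]        = {0xC3, 0xA9};

int main() {
    uint32_t cp = 0;
    size_t k = decode_utf8(kOverlongSlash, 2, false, &cp);
    std::printf("lenient: consumed=%zu cp=U+%04X\n", k, (unsigned)cp);
    std::printf("strict accepts overlong: %d\n", is_strict_utf8(kOverlongSlash, 2));
    std::printf("strict accepts U+00E9:   %d\n", is_strict_utf8(kEAcute, 2));
}
```

Input filters that look for metacharacters in the raw bytes never see the ASCII byte in an overlong form, which is why the rejection has to happen in the decoder itself.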

Find out more about CVE-2007-0242 from the MITRE CVE dictionary and NIST NVD.

CVSS v2 metrics

Base Score 4.3
Base Metrics AV:N/AC:M/Au:N/C:N/I:P/A:N
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform                                Errata          Release Date
Red Hat Enterprise Linux 3 (qt)         RHSA-2007:0883  2007-09-13
Red Hat Enterprise Linux 5 (qt4)        RHSA-2011:1324  2011-09-21
Red Hat Enterprise Linux 4 (qt)         RHSA-2007:0883  2007-09-13
Red Hat Enterprise Linux 5 (kdelibs)    RHSA-2007:0909  2007-10-08
Red Hat Enterprise Linux 2.1 (qt)       RHSA-2007:0883  2007-09-13
Red Hat Enterprise Linux 4 (kdelibs)    RHSA-2007:0909  2007-10-08
Red Hat Enterprise Linux 5 (qt)         RHSA-2007:0883  2007-09-13

CVE description copyright © 2017, The MITRE Corporation