{ "id": "CVE-2007-4137", "sourceIdentifier": "secalert@redhat.com", "published": "2007-09-18T19:17:00.000", "lastModified": "2023-11-07T02:00:59.060", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable." }, { "lang": "es", "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en la funci\u00f3n QUtf8Decoder::toUnicode de Trolltech Qt3 permite a usuarios locales o remotos (dependiendo del contexto) provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante una cadena Unicode manipulada que dispara un desbordamiento de b\u00fafer basado en mont\u00edculo. NOTA: Qt 4 tiene el mismo error en la funci\u00f3n QUtf8Codec::convertToUnicode, pero no es explotable." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-119" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE" }, { "vulnerable": false, "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180" }, { "vulnerable": false, "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*", "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*", "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*", "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*", "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E" }, { "vulnerable": false, "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "matchCriteriaId": "492EA1BE-E678-4300-A690-3BFCD4B233B2" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*", "matchCriteriaId": "C4B5DD1C-BFF6-4247-B684-A7C3D8F60745" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "matchCriteriaId": "4E3C9031-F69A-4B6A-A8CB-39027174AA01" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*", "matchCriteriaId": "327FEE54-79EC-4B5E-B838-F3C61FCDF48E" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*", "matchCriteriaId": "056C1C15-D110-4309-A9A6-41BD753FE4F2" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*", "matchCriteriaId": "08392974-5AC1-4B12-893F-3F733EF05F80" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*", "matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*", "matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*", "matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*", "matchCriteriaId": "3AA8F2EC-55E9-4529-A816-B5D495605F6B" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client_workstation:*:*:*:*:*", "matchCriteriaId": "28FBE982-794E-4C22-B5EE-F48269282C32" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*", "matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:linux:2.1:*:aw_itanium:*:*:*:*:*", "matchCriteriaId": "6B34B4FF-A596-4B1E-8DA7-40B3498147EA" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBBA00E3-1147-4E6F-BE93-92494285F88F" }, { "vulnerable": false, "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*", "matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*", "matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*", "matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*", "matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*", "matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*", "matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "7BD79C43-2615-47DE-A100-D21482D866F4" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:i386:*:*:*:*:*", "matchCriteriaId": "1856594D-7D84-4830-A8A7-2C9D4C2D61FD" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "0B20DDF0-2FAB-4EB0-B62D-2351514B2808" }, { "vulnerable": false, "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:sparc:*:*:*:*:*", "matchCriteriaId": "B7748895-CE00-4BB8-BFCD-A5559BA15869" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CB2B261-F31A-4EDF-89D5-1648E7698559" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E995A0F0-E1BB-441D-B145-1FB0AF4330DB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "A0B868D0-B166-455D-A96F-8530853D83EE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F354E5EE-0B83-4960-98DF-9DBBB504C1C1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B546D37F-7115-4CA4-8A63-BFCC0B9E1E81" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BA756A7-DE14-40F4-87F6-B3374E88B21A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EDD3DFD7-307F-4110-A412-D1C56836DF33" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D6D18E6C-5202-4406-AEC8-6477CDA7AE67" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A881DD8-9B96-4581-B39B-7721CBCD5F4A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "C314FF87-F182-4ABF-93D4-748EEF47C5FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "63829009-5782-4671-8678-2F090CA5520A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9AA116DA-DA3F-415C-88A7-3E65EAA2089C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "E9734F0E-6CB9-4C8C-B2D0-21ABA6A22D58" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B28B5A5-98EF-4710-B8B5-D348692046BC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "F1539C15-BF9A-43B5-8D29-A3F2C87F92A8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "A9E9281D-0DB4-491C-AD2B-E7CA77FC7E48" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:3.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "5DB7CA86-30F5-48B0-AB47-C4871E16DA10" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "00ED4154-E5B7-49F5-B97F-2B02C82D6B0E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "5FC87D43-8E5E-4AD7-8228-345C042EC98F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "1461D39A-7705-4932-ABA9-4A2869E692F2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "1E47B11C-9098-4F39-8BF3-46C95CE63B79" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "00F001C9-E388-437A-8F72-1C1C4D54FB7F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:trolltech:qt:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "8C558DAB-23BD-4076-B839-36B269B97650" } ] } ] } ], "references": [ { "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc", "source": "secalert@redhat.com" }, { "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472", "source": "secalert@redhat.com" }, { "url": "http://dist.trolltech.com/developer/download/175791_3.diff", "source": "secalert@redhat.com" }, { "url": "http://dist.trolltech.com/developer/download/175791_4.diff", "source": "secalert@redhat.com" }, { "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml", "source": "secalert@redhat.com" }, { "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml", "source": "secalert@redhat.com" }, { "url": "http://osvdb.org/39384", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/26778", "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/26782", "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/26804", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/26811", "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/26857", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/26868", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/26882", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/26987", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/27053", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/27275", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/27382", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/27996", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/28021", "source": "secalert@redhat.com" }, { "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml", "source": "secalert@redhat.com" }, { "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml", "source": "secalert@redhat.com" }, { "url": "http://securitytracker.com/id?1018688", "source": "secalert@redhat.com" }, { "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm", "source": "secalert@redhat.com" }, { "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119", "source": "secalert@redhat.com" }, { "url": "http://www.debian.org/security/2007/dsa-1426", "source": "secalert@redhat.com" }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183", "source": "secalert@redhat.com" }, { "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html", "source": "secalert@redhat.com" }, { "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html", "source": "secalert@redhat.com" }, { "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded", "source": "secalert@redhat.com" }, { "url": "http://www.securityfocus.com/bid/25657", "source": "secalert@redhat.com" }, { "url": "http://www.ubuntu.com/usn/usn-513-1", "source": "secalert@redhat.com" }, { "url": "http://www.vupen.com/english/advisories/2007/3144", "source": "secalert@redhat.com" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001", "source": "secalert@redhat.com" }, { "url": "https://issues.rpath.com/browse/RPL-1751", "source": "secalert@redhat.com" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159", "source": "secalert@redhat.com" } ] }