Vulnerability CVE-2007-0242

Vulnerability Name:

CVE-2007-0242 (CCN-33397)

Assigned:

2007-03-29

Published:

2007-03-29

Updated:

2017-10-11

Summary:

The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.

CVSS v3 Severity:

3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
2.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Gain Access

References:

Source: SGI
Type: UNKNOWN
20070901-01-P

Source: MITRE
Type: CNA
CVE-2007-0242

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-703

Source: CCN
Type: RHSA-2007-0883
Important: qt security update

Source: CCN
Type: RHSA-2007-0909
Moderate: kdelibs security update

Source: CCN
Type: RHSA-2011-1324
Moderate: qt4 security update

Source: REDHAT
Type: UNKNOWN
RHSA-2011:1324

Source: SECUNIA
Type: UNKNOWN
24699

Source: SECUNIA
Type: UNKNOWN
24705

Source: SECUNIA
Type: UNKNOWN
24726

Source: CCN
Type: SA24727
Qt Overlong UTF-8 Sequence Cross-Site Scripting Vulnerability

Source: SECUNIA
Type: UNKNOWN
24727

Source: SECUNIA
Type: UNKNOWN
24759

Source: SECUNIA
Type: UNKNOWN
24797

Source: SECUNIA
Type: UNKNOWN
24847

Source: SECUNIA
Type: UNKNOWN
24889

Source: SECUNIA
Type: UNKNOWN
25263

Source: SECUNIA
Type: UNKNOWN
26804

Source: SECUNIA
Type: UNKNOWN
26857

Source: SECUNIA
Type: UNKNOWN
27108

Source: CCN
Type: SA27275
Avaya Products Qt Overlong UTF-8 Sequence Cross-Site Scripting

Source: SECUNIA
Type: UNKNOWN
27275

Source: SECUNIA
Type: UNKNOWN
46117

Source: SLACKWARE
Type: UNKNOWN
SSA:2007-093-03

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm

Source: CCN
Type: ASA-2007-424
Qt security update (RHSA-2007-0883)

Source: CONFIRM
Type: UNKNOWN
http://support.novell.com/techcenter/psdb/39ea4b325a7da742cb8b6995fa585b14.html

Source: CONFIRM
Type: UNKNOWN
http://support.novell.com/techcenter/psdb/fc79b7f48d739f9c803a24ddad933384.html

Source: DEBIAN
Type: UNKNOWN
DSA-1292

Source: DEBIAN
Type: DSA-1292
qt4-x11 -- missing input validation

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:074

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:075

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:076

Source: CONFIRM
Type: Vendor Advisory
http://www.nabble.com/Bug-417390:-CVE-2007-0242,--Qt-UTF-8-overlong-sequence-decoding-vulnerability-t3506065.html

Source: SUSE
Type: UNKNOWN
SUSE-SR:2007:006

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0883

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0909

Source: BID
Type: UNKNOWN
23269

Source: CCN
Type: BID-23269
Trolltech Qt UTF-8 Sequences Input Validation Vulnerability

Source: CCN
Type: Trolltech News & Events Announcement 2007-03-30.9172215350
Trolltech Releases Patch for Qt 3.3.8 and 4.2.3, Adressing UTF-8 Security Issue

Source: CONFIRM
Type: Patch
http://www.trolltech.com/company/newsroom/announcements/press.2007-03-30.9172215350

Source: CCN
Type: TLSA-2007-28
UTF-8 sequences

Source: CCN
Type: TLSA-2007-30
Remote attackers to conduct cross-site scripting

Source: CCN
Type: USN-452-1
KDE library vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-452-1

Source: VUPEN
Type: UNKNOWN
ADV-2007-1212

Source: XF
Type: UNKNOWN
qt-utf8-xss(33397)

Source: XF
Type: UNKNOWN
qt-utf8-xss(33397)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-1202

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11510

Source: SUSE
Type: SUSE-SR:2007:006
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:qt:qt:3.3.8:*:*:*:*:*:*:*

OR cpe:/a:qt:qt:4.2.3:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:trolltech:qt:3.3.8:*:*:*:*:*:*:*

OR cpe:/a:trolltech:qt:4.2.3:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*

OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*

OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*

OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/a:avaya:message_networking:3.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z::es:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20070242	V	CVE-2007-0242	2022-05-20
oval:org.opensuse.security:def:42431	P	Security update for containerd (Moderate)	2022-04-19
oval:org.opensuse.security:def:31750	P	Security update for java-1_7_1-ibm (Moderate) (in QA)	2022-01-04
oval:org.opensuse.security:def:31751	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:32244	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:31320	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:26175	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:31712	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:26177	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:31708	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:31294	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:26150	P	Security update for util-linux (Moderate)	2021-10-20
oval:org.opensuse.security:def:32204	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:32205	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:42222	P	Security update for the Linux Kernel (Important)	2021-10-13
oval:org.opensuse.security:def:26141	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:31283	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:31282	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:26118	P	Security update for php72 (Important)	2021-09-02
oval:org.opensuse.security:def:26113	P	Security update for mysql-connector-java (Moderate)	2021-08-30
oval:org.opensuse.security:def:26101	P	Security update for php74 (Important)	2021-08-06
oval:org.opensuse.security:def:26102	P	Security update for php72 (Important)	2021-08-06
oval:org.opensuse.security:def:26097	P	Security update for lasso (Important)	2021-08-02
oval:org.opensuse.security:def:32156	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:26083	P	Security update for zziplib (Moderate)	2021-06-25
oval:org.opensuse.security:def:32117	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:36284	P	qt3-3.3.8b-88.21 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36552	P	qt3-devel-3.3.8b-88.21 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42691	P	qt3-3.3.8b-88.21 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31188	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:32102	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:32100	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:26044	P	Security update for avahi (Moderate)	2021-05-04
oval:org.opensuse.security:def:32060	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:31368	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:26203	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:32266	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:31736	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:32987	P	Security update for openvswitch (Important)	2021-02-02
oval:org.opensuse.security:def:31649	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:32948	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:26037	P	Security update for the Linux Kernel (Important)	2021-01-15
oval:org.opensuse.security:def:31102	P	Security update for xen (Moderate)	2020-12-29
oval:org.opensuse.security:def:35634	P	qt3-3.3.8b-88.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35815	P	qt3-3.3.8b-88.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42041	P	qt3-3.3.8b-88.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:36024	P	qt3-3.3.8b-88.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25366	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:31500	P	Security update for python-paramiko (Moderate)	2020-12-01
oval:org.opensuse.security:def:27550	P	qt3-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25833	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31836	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26527	P	boost-license on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25903	P	Security update for util-linux (Important)	2020-12-01
oval:org.opensuse.security:def:32740	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25441	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:26252	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32570	P	libtiff3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25845	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:26731	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31103	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:25650	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:31892	P	Security update for expat (Moderate)	2020-12-01
oval:org.opensuse.security:def:26565	P	hplip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33247	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31490	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:26819	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26814	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25185	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25791	P	Security update for kernel-source (Moderate)	2020-12-01
oval:org.opensuse.security:def:31997	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27247	P	nagios-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31502	P	Security update for python27 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32416	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:31922	P	Security update for ghostscript-library (Important)	2020-12-01
oval:org.opensuse.security:def:25197	P	Security update for gnuplot (Moderate)	2020-12-01
oval:org.opensuse.security:def:31412	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25995	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25574	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:26410	P	Security update for freexl (Important)	2020-12-01
oval:org.opensuse.security:def:32504	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32599	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25389	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:31556	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25649	P	Security update for libcdio (Low)	2020-12-01
oval:org.opensuse.security:def:31857	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:26512	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:26599	P	libpython2_6-1_0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25527	P	Security update for java-11-openjdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:31768	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26349	P	Security update for redis (Moderate)	2020-12-01
oval:org.opensuse.security:def:25858	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:26833	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26305	P	Security update for python-setuptools (Moderate)	2020-12-01
oval:org.opensuse.security:def:25762	P	Security update for Xerces-C (Moderate)	2020-12-01
oval:org.opensuse.security:def:31856	P	Security update for cups (Moderate)	2020-12-01
oval:org.opensuse.security:def:27022	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25365	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:25999	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:27515	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31762	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26443	P	Security update for helm (Moderate)	2020-12-01
oval:org.opensuse.security:def:25864	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25377	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:31592	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:32526	P	gstreamer-0_10-plugins-good on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25834	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31968	P	Security update for ipmitool (Important)	2020-12-01
oval:org.opensuse.security:def:26678	P	coolkey on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25917	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:32779	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25569	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:26291	P	Security update for python-reportlab (Important)	2020-12-01
oval:org.opensuse.security:def:33208	P	mozilla-xulrunner192 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25909	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26780	P	lvm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26779	P	logwatch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31114	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25707	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:31948	P	Security update for gpg2 (Important)	2020-12-01
oval:org.opensuse.security:def:26609	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31491	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:32360	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:31878	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25186	P	Security update for ruby2.1 (Important)	2020-12-01
oval:org.opensuse.security:def:25942	P	Security update for gstreamer-0_10-plugins-bad (Moderate)	2020-12-01
oval:org.opensuse.security:def:32036	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27282	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25573	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:31576	P	Security update for sudo (Moderate)	2020-12-01
oval:org.opensuse.security:def:26259	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:32465	P	Security update for xorg-x11-libXv (Moderate)	2020-12-01
oval:org.opensuse.security:def:32560	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25261	P	Security update for python-cffi, python-cryptography (Moderate)	2020-12-01
oval:org.opensuse.security:def:31469	P	Security update for ppc64-diag	2020-12-01
oval:org.opensuse.security:def:32310	P	Security update for quagga (Low)	2020-12-01
oval:org.opensuse.security:def:25585	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:31800	P	Security update for SuSEfirewall2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26463	P	Security update for enigmail (Moderate)	2020-12-01
oval:org.opensuse.security:def:25961	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25470	P	Security update for permissions (Moderate)	2020-12-01
oval:org.opensuse.security:def:25777	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:31944	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:26551	P	fvwm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26634	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25611	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:31817	P	Security update for atftp (Important)	2020-12-01
oval:org.opensuse.security:def:26987	P	lvm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25915	P	Security update for libosip2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26877	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26386	P	Security update for kdepim, messagelib (Moderate)	2020-12-01
oval:org.opensuse.security:def:25815	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32058	P	Security update for kvm (Moderate)	2020-12-01
oval:org.mitre.oval:def:18627	P	DSA-1292-1 qt4-x11	2014-06-23
oval:org.mitre.oval:def:22442	P	ELSA-2007:0909: kdelibs security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:22579	P	ELSA-2007:0883: qt security update (Important)	2014-05-26
oval:org.mitre.oval:def:23408	P	ELSA-2011:1324: qt4 security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:22150	P	RHSA-2011:1324: qt4 security update (Moderate)	2014-02-24
oval:org.mitre.oval:def:11510	V	The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.	2013-04-29
oval:com.redhat.rhsa:def:20111324	P	RHSA-2011:1324: qt4 security update (Moderate)	2011-09-21
oval:com.redhat.rhsa:def:20070909	P	RHSA-2007:0909: kdelibs security update (Moderate)	2008-03-20
oval:com.redhat.rhsa:def:20070883	P	RHSA-2007:0883: qt security update (Important)	2007-09-13
oval:org.debian:def:1292	V	missing input validation	2007-05-15

BACK