CVE-2007-0242
CVE-2007-0242
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.aschttp://fedoranews.org/updates/FEDORA-2007-703.shtmlhttp://rhn.redhat.com/errata/RHSA-2011-1324.htmlhttp://secunia.com/advisories/24699http://secunia.com/advisories/24705http://secunia.com/advisories/24726http://secunia.com/advisories/24727http://secunia.com/advisories/24759http://secunia.com/advisories/24797http://secunia.com/advisories/24847http://secunia.com/advisories/24889http://secunia.com/advisories/25263