Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| trolltech | trollftpd | 1.18 |
| trolltech | trollftpd | 1.22 |
| trolltech | trollftpd | 1.23 |
| trolltech | trollftpd | 1.21 |
| trolltech | trollftpd | 1.17 |
| trolltech | trollftpd | 1.24 |
| trolltech | trollftpd | 1.25 |
| trolltech | trollftpd | 1.19 |
| trolltech | trollftpd | 1.20 |
| trolltech | trollftpd | 1.26 |
Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| trolltech | qt_assistant | 1.0 |
Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| trolltech | qt | * |
The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| trolltech | qt | * |
The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| trolltech | qt | * |
Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| trolltech | qt | 3.3.3 |
| trolltech | qt | 3.0 |
| trolltech | qt | 3.2.1 |
| trolltech | qt | 3.3.2 |
| trolltech | qt | 3.3.0 |
| trolltech | qt | 3.0.5 |
| trolltech | qt | 3.1.2 |
| trolltech | qt | 3.3.1 |
| trolltech | qt | 3.0.3 |
| trolltech | qt | 3.1.1 |
| trolltech | qt | 3.1 |
| trolltech | qt | 3.2.3 |
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| trolltech | qt | 3.3.3 |
| trolltech | qt | 3.3.7 |
| trolltech | qt | 4.2 |
| trolltech | qt | 3.0 |
| trolltech | qt | 3.2.1 |
| trolltech | qt | 3.3.2 |
| trolltech | qt | 3.3.0 |
| trolltech | qt | 3.0.5 |
| trolltech | qt | 3.3.4 |
| trolltech | qt | 3.3.6 |
| trolltech | qt | 4.2.1 |
| trolltech | qt | 3.1.2 |
| trolltech | qt | 3.3.1 |
| trolltech | qt | 4.2.3 |
| trolltech | qt | 3.0.3 |
| trolltech | qt | 3.1.1 |
| trolltech | qt | 3.1 |
| trolltech | qt | 3.2.3 |
| trolltech | qt | 4.1 |
| trolltech | qt | 4.1.5 |
| trolltech | qt | 4.1.4 |
| trolltech | qt | 3.3.5 |
| trolltech | qt | 3.3.8 |