VYPR
Vendor

Trolltech

Products
5
CVEs
13
Across products
16
Status
Private

Products

5

Recent CVEs

13
  • CVE-2004-0691Sep 28, 2004
    risk 0.04cvss epss 0.15

    Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.

  • CVE-2022-40983Jan 12, 2023
    risk 0.00cvss epss 0.01

    An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a…

  • CVE-2022-43591Jan 12, 2023
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page…

  • CVE-2016-11034Apr 7, 2020
    risk 0.00cvss epss 0.00

    An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. The decode function in Qjpeg in Qt 5.7 allows attackers to trigger a system crash via a malformed image. The Samsung ID is SVE-2016-6560 (October 2016).

  • CVE-2009-2700Sep 2, 2009
    risk 0.00cvss epss 0.01

    src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted…

  • CVE-2007-5965Jan 8, 2008
    risk 0.00cvss epss 0.01

    QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verify SSL certificates, which might make it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service, or trick a service into accepting an invalid client…

  • CVE-2007-4137Sep 18, 2007
    risk 0.00cvss epss 0.02

    Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the…

  • CVE-2007-3388Aug 3, 2007
    risk 0.00cvss epss 0.04

    Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary…

  • CVE-2005-0627May 2, 2005
    risk 0.00cvss epss 0.00

    Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs.

  • CVE-2004-0692Sep 28, 2004
    risk 0.00cvss epss 0.03

    The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693.

  • CVE-2004-0693Sep 28, 2004
    risk 0.00cvss epss 0.03

    The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692.

  • CVE-2002-1883Dec 31, 2002
    risk 0.00cvss epss 0.02

    Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service.

  • CVE-2001-1113Aug 13, 2001
    risk 0.00cvss epss 0.04

    Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command.