Bug 234633 (CVE-2007-0242)

Summary: CVE-2007-0242 QT UTF8 improper character expansion
Product: [Other] Security Response Reporter: Josh Bressers <bressers>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: kreilly, shillman, vdanen
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-01-15 16:47:45 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 234635, 276971, 276981, 276991, 277001, 277011, 277021, 293881, 293901, 293911, 293921, 737815, 738007, 833976    
Bug Blocks: 733120    
Attachments:
Description Flags
Patch for kjs
none
Patch for QT 3
none
Patch for QT4 none

Description Josh Bressers 2007-03-30 18:23:22 UTC 
Andreas Nolden reported a flaw in the QT expands certain UTF8 characters.  This
could lead to a XSS attack withing konqueror.  There is also potential for this
flaw to affect other QT applications that attempt to sanitize user supplied
data.  The example supplied by the KDE security team would be the ability to
inject /../ characters into a filename.
Comment 1 Josh Bressers 2007-03-30 18:27:10 UTC 
This flaw also affects RHEL 2.1, 3, 4, and 5
Comment 3 Josh Bressers 2007-03-30 18:29:07 UTC 
Created attachment 151307 [details]
Patch for kjs
Comment 4 Josh Bressers 2007-03-30 18:30:29 UTC 
Created attachment 151310 [details]
Patch for QT 3
Comment 5 Josh Bressers 2007-03-30 18:32:04 UTC 
Created attachment 151312 [details]
Patch for QT4
Comment 18 Mark J. Cox 2007-06-11 08:08:11 UTC 
Hi Than, another ping about RHEL2.1 packages.
Comment 21 Mark J. Cox 2007-08-21 14:30:12 UTC 
moving to top level security response bug, no point it having all the acks and
flag; we do this now using separate tracking bugs.
Comment 28 Red Hat Product Security 2008-01-15 16:47:45 UTC 
This issue was addressed in:

Red Hat Enterprise Linux:
  http://rhn.redhat.com/errata/RHSA-2007-0883.html
  http://rhn.redhat.com/errata/RHSA-2007-0909.html

Fedora:
  qt packages contain backported patch
  qt4 packages updated to latest upstream version
Comment 30 errata-xmlrpc 2011-09-21 17:54:51 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2011:1324 https://rhn.redhat.com/errata/RHSA-2011-1324.html