234633 – (CVE-2007-0242) CVE-2007-0242 QT UTF8 improper character expansion

Bug 234633 (CVE-2007-0242) - CVE-2007-0242 QT UTF8 improper character expansion

Summary: CVE-2007-0242 QT UTF8 improper character expansion

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2007-0242
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:	Ben Levenson
Docs Contact:
URL:
Whiteboard:
Depends On:	234635 276971 276981 276991 277001 277011 277021 293881 293901 293911 293921 737815 738007 833976
Blocks:	733120
TreeView+	depends on / blocked

Reported:	2007-03-30 18:23 UTC by Josh Bressers
Modified:	2019-09-29 12:20 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-01-15 16:47:45 UTC
Embargoed:

Attachments	(Terms of Use)
Patch for kjs (1.31 KB, patch) 2007-03-30 18:29 UTC, Josh Bressers	no flags	Details \| Diff
Patch for QT 3 (2.61 KB, patch) 2007-03-30 18:30 UTC, Josh Bressers	no flags	Details \| Diff
Patch for QT4 (5.05 KB, patch) 2007-03-30 18:32 UTC, Josh Bressers	no flags	Details \| Diff
View All

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2007:0883	normal	SHIPPED_LIVE	Important: qt security update	2008-01-08 00:03:59 UTC
Red Hat Product Errata	RHSA-2007:0909	normal	SHIPPED_LIVE	Moderate: kdelibs security update	2008-01-09 01:17:18 UTC
Red Hat Product Errata	RHSA-2011:1324	normal	SHIPPED_LIVE	Moderate: qt4 security update	2011-09-21 17:54:39 UTC

Description Josh Bressers 2007-03-30 18:23:22 UTC

Andreas Nolden reported a flaw in the QT expands certain UTF8 characters.  This
could lead to a XSS attack withing konqueror.  There is also potential for this
flaw to affect other QT applications that attempt to sanitize user supplied
data.  The example supplied by the KDE security team would be the ability to
inject /../ characters into a filename.

Comment 1 Josh Bressers 2007-03-30 18:27:10 UTC

This flaw also affects RHEL 2.1, 3, 4, and 5

Comment 3 Josh Bressers 2007-03-30 18:29:07 UTC

Created attachment 151307 [details]
Patch for kjs

Comment 4 Josh Bressers 2007-03-30 18:30:29 UTC

Created attachment 151310 [details]
Patch for QT 3

Comment 5 Josh Bressers 2007-03-30 18:32:04 UTC

Created attachment 151312 [details]
Patch for QT4

Comment 18 Mark J. Cox 2007-06-11 08:08:11 UTC

Hi Than, another ping about RHEL2.1 packages.

Comment 21 Mark J. Cox 2007-08-21 14:30:12 UTC

moving to top level security response bug, no point it having all the acks and
flag; we do this now using separate tracking bugs.

Comment 28 Red Hat Product Security 2008-01-15 16:47:45 UTC

This issue was addressed in:

Red Hat Enterprise Linux:
  http://rhn.redhat.com/errata/RHSA-2007-0883.html
  http://rhn.redhat.com/errata/RHSA-2007-0909.html

Fedora:
  qt packages contain backported patch
  qt4 packages updated to latest upstream version

Comment 30 errata-xmlrpc 2011-09-21 17:54:51 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2011:1324 https://rhn.redhat.com/errata/RHSA-2011-1324.html

Note You need to log in before you can comment on or make changes to this bug.