Bug 234633 (CVE-2007-0242) - CVE-2007-0242 QT UTF8 improper character expansion
Summary: CVE-2007-0242 QT UTF8 improper character expansion
Alias: CVE-2007-0242
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact: Ben Levenson
Depends On: 234635 276971 276981 276991 277001 277011 277021 293881 293901 293911 293921 737815 738007 833976
Blocks: 733120
TreeView+ depends on / blocked
Reported: 2007-03-30 18:23 UTC by Josh Bressers
Modified: 2019-09-29 12:20 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2008-01-15 16:47:45 UTC

Attachments (Terms of Use)
Patch for kjs (1.31 KB, patch)
2007-03-30 18:29 UTC, Josh Bressers
no flags Details | Diff
Patch for QT 3 (2.61 KB, patch)
2007-03-30 18:30 UTC, Josh Bressers
no flags Details | Diff
Patch for QT4 (5.05 KB, patch)
2007-03-30 18:32 UTC, Josh Bressers
no flags Details | Diff

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2007:0883 0 normal SHIPPED_LIVE Important: qt security update 2008-01-08 00:03:59 UTC
Red Hat Product Errata RHSA-2007:0909 0 normal SHIPPED_LIVE Moderate: kdelibs security update 2008-01-09 01:17:18 UTC
Red Hat Product Errata RHSA-2011:1324 0 normal SHIPPED_LIVE Moderate: qt4 security update 2011-09-21 17:54:39 UTC

Description Josh Bressers 2007-03-30 18:23:22 UTC
Andreas Nolden reported a flaw in the QT expands certain UTF8 characters.  This
could lead to a XSS attack withing konqueror.  There is also potential for this
flaw to affect other QT applications that attempt to sanitize user supplied
data.  The example supplied by the KDE security team would be the ability to
inject /../ characters into a filename.

Comment 1 Josh Bressers 2007-03-30 18:27:10 UTC
This flaw also affects RHEL 2.1, 3, 4, and 5

Comment 3 Josh Bressers 2007-03-30 18:29:07 UTC
Created attachment 151307 [details]
Patch for kjs

Comment 4 Josh Bressers 2007-03-30 18:30:29 UTC
Created attachment 151310 [details]
Patch for QT 3

Comment 5 Josh Bressers 2007-03-30 18:32:04 UTC
Created attachment 151312 [details]
Patch for QT4

Comment 18 Mark J. Cox 2007-06-11 08:08:11 UTC
Hi Than, another ping about RHEL2.1 packages.

Comment 21 Mark J. Cox 2007-08-21 14:30:12 UTC
moving to top level security response bug, no point it having all the acks and
flag; we do this now using separate tracking bugs.

Comment 28 Red Hat Product Security 2008-01-15 16:47:45 UTC
This issue was addressed in:

Red Hat Enterprise Linux:

  qt packages contain backported patch
  qt4 packages updated to latest upstream version

Comment 30 errata-xmlrpc 2011-09-21 17:54:51 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2011:1324 https://rhn.redhat.com/errata/RHSA-2011-1324.html

Note You need to log in before you can comment on or make changes to this bug.