{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-03T00:00:00", "descriptions": [{"lang": "en", "value": "Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow.  NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472"}, {"name": "MDKSA-2007:183", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183"}, {"name": "SUSE-SR:2007:019", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"}, {"name": "26868", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26868"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-1751"}, {"name": "26811", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26811"}, {"name": "oval:org.mitre.oval:def:11159", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159"}, {"name": "27053", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27053"}, {"name": "27996", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27996"}, {"name": "27275", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27275"}, {"name": "27382", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27382"}, {"name": "26857", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26857"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119"}, {"name": "26778", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26778"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001"}, {"name": "26882", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26882"}, {"name": "26987", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26987"}, {"name": "GLSA-200710-28", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml"}, {"name": "ADV-2007-3144", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3144"}, {"name": "20070901-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"}, {"tags": ["x_refsource_MISC"], "url": "http://dist.trolltech.com/developer/download/175791_4.diff"}, {"name": "39384", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/39384"}, {"name": "26804", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26804"}, {"name": "26782", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26782"}, {"tags": ["x_refsource_MISC"], "url": "http://dist.trolltech.com/developer/download/175791_3.diff"}, {"name": "FEDORA-2007-703", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml"}, {"name": "FEDORA-2007-2216", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml"}, {"name": "GLSA-200712-08", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml"}, {"name": "28021", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28021"}, {"name": "RHSA-2007:0883", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html"}, {"name": "1018688", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018688"}, {"name": "20071004 FLEA-2007-0059-1 qt qt-tools", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded"}, {"name": "USN-513-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-513-1"}, {"name": "25657", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25657"}, {"name": "DSA-1426", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1426"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:46:38.696Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472"}, {"name": "MDKSA-2007:183", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183"}, {"name": "SUSE-SR:2007:019", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"}, {"name": "26868", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26868"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-1751"}, {"name": "26811", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26811"}, {"name": "oval:org.mitre.oval:def:11159", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159"}, {"name": "27053", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27053"}, {"name": "27996", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27996"}, {"name": "27275", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27275"}, {"name": "27382", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27382"}, {"name": "26857", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26857"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119"}, {"name": "26778", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26778"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001"}, {"name": "26882", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26882"}, {"name": "26987", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26987"}, {"name": "GLSA-200710-28", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml"}, {"name": "ADV-2007-3144", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3144"}, {"name": "20070901-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://dist.trolltech.com/developer/download/175791_4.diff"}, {"name": "39384", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/39384"}, {"name": "26804", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26804"}, {"name": "26782", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26782"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://dist.trolltech.com/developer/download/175791_3.diff"}, {"name": "FEDORA-2007-703", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml"}, {"name": "FEDORA-2007-2216", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml"}, {"name": "GLSA-200712-08", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml"}, {"name": "28021", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28021"}, {"name": "RHSA-2007:0883", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html"}, {"name": "1018688", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1018688"}, {"name": "20071004 FLEA-2007-0059-1 qt qt-tools", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded"}, {"name": "USN-513-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-513-1"}, {"name": "25657", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25657"}, {"name": "DSA-1426", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1426"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-4137", "datePublished": "2007-09-18T19:00:00", "dateReserved": "2007-08-02T00:00:00", "dateUpdated": "2024-08-07T14:46:38.696Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": false}, {"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": false}, {"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*", "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*", "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*", "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*", "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E", "vulnerable": false}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "matchCriteriaId": "492EA1BE-E678-4300-A690-3BFCD4B233B2", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*", "matchCriteriaId": "C4B5DD1C-BFF6-4247-B684-A7C3D8F60745", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "matchCriteriaId": "4E3C9031-F69A-4B6A-A8CB-39027174AA01", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*", "matchCriteriaId": "327FEE54-79EC-4B5E-B838-F3C61FCDF48E", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*", "matchCriteriaId": "056C1C15-D110-4309-A9A6-41BD753FE4F2", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*", "matchCriteriaId": "08392974-5AC1-4B12-893F-3F733EF05F80", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*", "matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*", "matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*", "matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*", "matchCriteriaId": "3AA8F2EC-55E9-4529-A816-B5D495605F6B", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client_workstation:*:*:*:*:*", "matchCriteriaId": "28FBE982-794E-4C22-B5EE-F48269282C32", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*", "matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:linux:2.1:*:aw_itanium:*:*:*:*:*", "matchCriteriaId": "6B34B4FF-A596-4B1E-8DA7-40B3498147EA", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBBA00E3-1147-4E6F-BE93-92494285F88F", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*", "matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*", "matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*", "matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*", "matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*", "matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*", "matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "7BD79C43-2615-47DE-A100-D21482D866F4", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:i386:*:*:*:*:*", "matchCriteriaId": "1856594D-7D84-4830-A8A7-2C9D4C2D61FD", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "0B20DDF0-2FAB-4EB0-B62D-2351514B2808", "vulnerable": false}, {"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:sparc:*:*:*:*:*", "matchCriteriaId": "B7748895-CE00-4BB8-BFCD-A5559BA15869", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:trolltech:qt:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CB2B261-F31A-4EDF-89D5-1648E7698559", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E995A0F0-E1BB-441D-B145-1FB0AF4330DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "A0B868D0-B166-455D-A96F-8530853D83EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F354E5EE-0B83-4960-98DF-9DBBB504C1C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B546D37F-7115-4CA4-8A63-BFCC0B9E1E81", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BA756A7-DE14-40F4-87F6-B3374E88B21A", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EDD3DFD7-307F-4110-A412-D1C56836DF33", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D6D18E6C-5202-4406-AEC8-6477CDA7AE67", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A881DD8-9B96-4581-B39B-7721CBCD5F4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "C314FF87-F182-4ABF-93D4-748EEF47C5FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "63829009-5782-4671-8678-2F090CA5520A", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9AA116DA-DA3F-415C-88A7-3E65EAA2089C", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "E9734F0E-6CB9-4C8C-B2D0-21ABA6A22D58", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B28B5A5-98EF-4710-B8B5-D348692046BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "F1539C15-BF9A-43B5-8D29-A3F2C87F92A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "A9E9281D-0DB4-491C-AD2B-E7CA77FC7E48", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:3.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "5DB7CA86-30F5-48B0-AB47-C4871E16DA10", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "00ED4154-E5B7-49F5-B97F-2B02C82D6B0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "5FC87D43-8E5E-4AD7-8228-345C042EC98F", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "1461D39A-7705-4932-ABA9-4A2869E692F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "1E47B11C-9098-4F39-8BF3-46C95CE63B79", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "00F001C9-E388-437A-8F72-1C1C4D54FB7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:trolltech:qt:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "8C558DAB-23BD-4076-B839-36B269B97650", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow.  NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable."}, {"lang": "es", "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en la funci\u00f3n QUtf8Decoder::toUnicode de Trolltech Qt3 permite a usuarios locales o remotos (dependiendo del contexto) provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante una cadena Unicode manipulada que dispara un desbordamiento de b\u00fafer basado en mont\u00edculo. NOTA: Qt 4 tiene el mismo error en la funci\u00f3n QUtf8Codec::convertToUnicode, pero no es explotable."}], "id": "CVE-2007-4137", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-09-18T19:17:00.000", "references": [{"source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"}, {"source": "secalert@redhat.com", "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472"}, {"source": "secalert@redhat.com", "url": "http://dist.trolltech.com/developer/download/175791_3.diff"}, {"source": "secalert@redhat.com", "url": "http://dist.trolltech.com/developer/download/175791_4.diff"}, {"source": "secalert@redhat.com", "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml"}, {"source": "secalert@redhat.com", "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml"}, {"source": "secalert@redhat.com", "url": "http://osvdb.org/39384"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26778"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26782"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26804"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26811"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26857"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26868"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26882"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26987"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27053"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27275"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27382"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27996"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28021"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml"}, {"source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1018688"}, {"source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm"}, {"source": "secalert@redhat.com", "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2007/dsa-1426"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183"}, {"source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/25657"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-513-1"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/3144"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001"}, {"source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-1751"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dist.trolltech.com/developer/download/175791_3.diff"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dist.trolltech.com/developer/download/175791_4.diff"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/39384"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26778"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26782"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26804"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26811"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26857"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26868"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26882"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26987"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27053"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27275"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27382"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27996"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28021"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018688"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1426"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25657"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-513-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3144"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1751"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2007:0883", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "package": "qt-1:2.3.1-14.EL2", "product_name": "Red Hat Enterprise Linux 2.1", "release_date": "2007-09-13T00:00:00Z"}, {"advisory": "RHSA-2007:0883", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "qt-1:3.1.2-17.RHEL3", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2007-09-13T00:00:00Z"}, {"advisory": "RHSA-2007:0883", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "qt-1:3.3.3-13.RHEL4", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2007-09-13T00:00:00Z"}, {"advisory": "RHSA-2007:0883", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "qt-1:3.3.6-23.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2007-09-13T00:00:00Z"}], "bugzilla": {"description": "QT off by one buffer overflow", "id": "269001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001"}, "csaw": false, "cwe": "CWE-193", "details": ["Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow.  NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable."], "name": "CVE-2007-4137", "public_date": "2007-09-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-4137\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-4137"], "threat_severity": "Important"}