CVE-2007-4137 Detail

CVE-2007-4137

CVE Descriptions

Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-119	Improper Restriction of Operations within the Bounds of a Memory Buffer The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	7.5		AV:N/AC:L/Au:N/C:P/I:P/A:P	[email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Products Mentioned

Configuraton 0

Conectiva>>Linux >> Version 9.0

Conectiva>>Linux >> Version 9.0 (Open CPE detail)

Conectiva>>Linux >> Version 10.0

Conectiva>>Linux >> Version 10.0 (Open CPE detail)

Gentoo>>Linux >> Version *

Gentoo>>Linux >> Version - (Open CPE detail)
Gentoo>>Linux >> Version 1.2 (Open CPE detail)
Gentoo>>Linux >> Version 1.4 (Open CPE detail)
Gentoo>>Linux >> Version 1.4 (Open CPE detail)
Gentoo>>Linux >> Version 1.4 (Open CPE detail)
Gentoo>>Linux >> Version 1.4 (Open CPE detail)
Gentoo>>Linux >> Version 1.4 (Open CPE detail)
Gentoo>>Linux >> Version 2.1.30 (Open CPE detail)
Gentoo>>Linux >> Version 2.2.28 (Open CPE detail)
Gentoo>>Linux >> Version 2.3.30 (Open CPE detail)

Mandrakesoft>>Mandrake_linux >> Version 9.2

Mandrakesoft>>Mandrake_linux >> Version 9.2 (Open CPE detail)

Mandrakesoft>>Mandrake_linux >> Version 9.2

Mandrakesoft>>Mandrake_linux >> Version 10.0

Mandrakesoft>>Mandrake_linux >> Version 10.0 (Open CPE detail)

Mandrakesoft>>Mandrake_linux >> Version 10.0

Mandrakesoft>>Mandrake_linux >> Version 2007

Mandrakesoft>>Mandrake_linux >> Version 2007 (Open CPE detail)

Mandrakesoft>>Mandrake_linux >> Version 2007

Mandrakesoft>>Mandrake_linux >> Version 2007.1

Mandrakesoft>>Mandrake_linux >> Version 2007.1 (Open CPE detail)
Mandrakesoft>>Mandrake_linux >> Version 2007.1 (Open CPE detail)

Mandrakesoft>>Mandrake_linux >> Version 2007.1

Mandrakesoft>>Mandrake_linux >> Version 2007.1 (Open CPE detail)

Mandrakesoft>>Mandrake_linux_corporate_server >> Version 3.0

Mandrakesoft>>Mandrake_linux_corporate_server >> Version 3.0 (Open CPE detail)

Mandrakesoft>>Mandrake_linux_corporate_server >> Version 3.0

Mandrakesoft>>Mandrake_linux_corporate_server >> Version 4.0

Mandrakesoft>>Mandrake_linux_corporate_server >> Version 4.0 (Open CPE detail)

Mandrakesoft>>Mandrake_linux_corporate_server >> Version 4.0

Redhat>>Enterprise_linux >> Version 2.1

Redhat>>Enterprise_linux >> Version 2.1 (Open CPE detail)

Redhat>>Enterprise_linux >> Version 2.1

Redhat>>Enterprise_linux >> Version 2.1 (Open CPE detail)

Redhat>>Enterprise_linux >> Version 2.1

Redhat>>Enterprise_linux >> Version 2.1 (Open CPE detail)

Redhat>>Enterprise_linux >> Version 3.0

Redhat>>Enterprise_linux >> Version 4.0

Redhat>>Enterprise_linux >> Version 5.0

Redhat>>Enterprise_linux >> Version 5.0 (Open CPE detail)

Redhat>>Enterprise_linux >> Version 5.0

Redhat>>Linux >> Version 2.1

Redhat>>Linux >> Version 3.0

Redhat>>Linux >> Version 3.0 (Open CPE detail)

Redhat>>Linux >> Version 4.0

Redhat>>Linux >> Version 4.0 (Open CPE detail)

Ubuntu>>Ubuntu_linux >> Version 6.06_lts

Ubuntu>>Ubuntu_linux >> Version 6.10

Ubuntu>>Ubuntu_linux >> Version 7.04

Trolltech>>Qt >> Version 3.0

Trolltech>>Qt >> Version 3.0.3

Trolltech>>Qt >> Version 3.0.5

Trolltech>>Qt >> Version 3.1

Trolltech>>Qt >> Version 3.1.1

Trolltech>>Qt >> Version 3.1.2

Trolltech>>Qt >> Version 3.2.1

Trolltech>>Qt >> Version 3.2.3

Trolltech>>Qt >> Version 3.3.0

Trolltech>>Qt >> Version 3.3.1

Trolltech>>Qt >> Version 3.3.2

Trolltech>>Qt >> Version 3.3.3

Trolltech>>Qt >> Version 3.3.4

Trolltech>>Qt >> Version 3.3.5

Trolltech>>Qt >> Version 3.3.6

Trolltech>>Qt >> Version 3.3.7

Trolltech>>Qt >> Version 3.3.8

Trolltech>>Qt >> Version 4.1

Trolltech>>Qt >> Version 4.1.4

Trolltech>>Qt >> Version 4.1.5

Trolltech>>Qt >> Version 4.2

Trolltech>>Qt >> Version 4.2.1

Trolltech>>Qt >> Version 4.2.3

References

http://bugs.gentoo.org/show_bug.cgi?id=192472
Tags : x_refsource_CONFIRM

http://www.mandriva.com/security/advisories?name=MDKSA-2007:183
Tags : vendor-advisory, x_refsource_MANDRIVA

http://www.novell.com/linux/security/advisories/2007_19_sr.html
Tags : vendor-advisory, x_refsource_SUSE

http://secunia.com/advisories/26868
Tags : third-party-advisory, x_refsource_SECUNIA

http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm
Tags : x_refsource_CONFIRM

https://issues.rpath.com/browse/RPL-1751
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/26811
Tags : third-party-advisory, x_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159
Tags : vdb-entry, signature, x_refsource_OVAL

http://secunia.com/advisories/27053
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/27996
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/27275
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/27382
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/26857
Tags : third-party-advisory, x_refsource_SECUNIA

http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/26778
Tags : third-party-advisory, x_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=269001
Tags : x_refsource_MISC

http://secunia.com/advisories/26882
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/26987
Tags : third-party-advisory, x_refsource_SECUNIA

http://security.gentoo.org/glsa/glsa-200710-28.xml
Tags : vendor-advisory, x_refsource_GENTOO

http://www.vupen.com/english/advisories/2007/3144
Tags : vdb-entry, x_refsource_VUPEN

ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc
Tags : vendor-advisory, x_refsource_SGI

http://dist.trolltech.com/developer/download/175791_4.diff
Tags : x_refsource_MISC

http://osvdb.org/39384
Tags : vdb-entry, x_refsource_OSVDB

http://secunia.com/advisories/26804
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/26782
Tags : third-party-advisory, x_refsource_SECUNIA

http://dist.trolltech.com/developer/download/175791_3.diff
Tags : x_refsource_MISC

http://fedoranews.org/updates/FEDORA-2007-703.shtml
Tags : vendor-advisory, x_refsource_FEDORA

http://fedoranews.org/updates/FEDORA-2007-221.shtml
Tags : vendor-advisory, x_refsource_FEDORA

http://security.gentoo.org/glsa/glsa-200712-08.xml
Tags : vendor-advisory, x_refsource_GENTOO

http://secunia.com/advisories/28021
Tags : third-party-advisory, x_refsource_SECUNIA

http://www.redhat.com/support/errata/RHSA-2007-0883.html
Tags : vendor-advisory, x_refsource_REDHAT

http://securitytracker.com/id?1018688
Tags : vdb-entry, x_refsource_SECTRACK

http://www.securityfocus.com/archive/1/481498/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ

http://www.ubuntu.com/usn/usn-513-1
Tags : vendor-advisory, x_refsource_UBUNTU

http://www.securityfocus.com/bid/25657
Tags : vdb-entry, x_refsource_BID

http://www.debian.org/security/2007/dsa-1426
Tags : vendor-advisory, x_refsource_DEBIAN

CVE-2007-4137 : Detail

CVE-2007-4137

CVE Descriptions

CVE Informations

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Products Mentioned

Configuraton 0

References