CVE-2013-0254
First published: Mon Feb 04 2013(Updated: )
A security flaw was found in the way QSharedMemory class implementation of the Qt toolkit created shared memory segments (they were created with world-readable and world-writeable permissions). A local attacker could use this flaw to read or alter content of particular shared memory segment, possibly leading to their ability to obtain sensitive information or influence behaviour of shared memory segment reader process.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/Qt | <5.0.1 | 5.0.1 |
| redhat/Qt | <4.8.5 | 4.8.5 |
| redhat/Qt | <4.7.6 | 4.7.6 |
| Qt Qt | =1.41 | |
| Qt Qt | =1.42 | |
| Qt Qt | =1.43 | |
| Qt Qt | =1.44 | |
| Qt Qt | =1.45 | |
| Qt Qt | =2.0.0 | |
| Qt Qt | =2.0.1 | |
| Qt Qt | =2.0.2 | |
| Qt Qt | =3.3.0 | |
| Qt Qt | =3.3.1 | |
| Qt Qt | =3.3.2 | |
| Qt Qt | =3.3.3 | |
| Qt Qt | =3.3.4 | |
| Qt Qt | =3.3.5 | |
| Qt Qt | =3.3.6 | |
| Qt Qt | =4.0.0 | |
| Qt Qt | =4.0.1 | |
| Qt Qt | =4.1.0 | |
| Qt Qt | =4.1.1 | |
| Qt Qt | =4.1.2 | |
| Qt Qt | =4.1.3 | |
| Qt Qt | =4.1.4 | |
| Qt Qt | =4.1.5 | |
| Qt Qt | =4.2.0 | |
| Qt Qt | =4.2.1 | |
| Qt Qt | =4.2.3 | |
| Qt Qt | =4.3.0 | |
| Qt Qt | =4.3.1 | |
| Qt Qt | =4.3.2 | |
| Qt Qt | =4.3.3 | |
| Qt Qt | =4.3.4 | |
| Qt Qt | =4.3.5 | |
| Qt Qt | =4.4.0 | |
| Qt Qt | =4.4.1 | |
| Qt Qt | =4.4.2 | |
| Qt Qt | =4.4.3 | |
| Qt Qt | =4.5.0 | |
| Qt Qt | =4.5.1 | |
| Qt Qt | =4.5.2 | |
| Qt Qt | =4.5.3 | |
| Qt Qt | =4.6.0 | |
| Qt Qt | =4.6.1 | |
| Qt Qt | =4.6.2 | |
| Qt Qt | =4.6.3 | |
| Qt Qt | =4.6.4 | |
| Qt Qt | =4.6.5 | |
| Qt Qt | =4.7.0 | |
| Qt Qt | =4.7.1 | |
| Qt Qt | =4.7.2 | |
| Qt Qt | =4.7.3 | |
| Qt Qt | =4.7.4 | |
| Qt Qt | =4.7.5 | |
| Qt Qt | =4.7.6 | |
| Qt Qt | =4.8.0 | |
| Qt Qt | =4.8.1 | |
| Qt Qt | =4.8.2 | |
| Qt Qt | =4.8.3 | |
| Qt Qt | =4.8.4 | |
| Qt Qt | =4.8.5 | |
| Qt Qt | =5.0.0 | |
| Qt Qt | =5.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://qt.gitorious.org/qt/qtbase/commit/856f209fb63ae336bfb389a12d2a75fa886dc1c5
- http://qt.gitorious.org/qt/qt/commit/20b26bdb3dd5e46b01b9a7e1ce8342074df3c89c
- http://qt.gitorious.org/qt/qt/commit/57756e72adf2081137b97f0e689dd16c770d10b1
- https://access.redhat.com/security/cve/CVE-2013-0254
- http://article.gmane.org/gmane.comp.lib.qt.devel/9759
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=907928
- https://rhn.redhat.com/errata/RHSA-2013-0669.html
- https://bugzilla.redhat.com/show_bug.cgi?id=907425
- http://lists.opensuse.org/opensuse-updates/2013-03/msg00014.html
- http://lists.opensuse.org/opensuse-updates/2013-03/msg00015.html
- http://lists.opensuse.org/opensuse-updates/2013-03/msg00019.html
- http://lists.qt-project.org/pipermail/announce/2013-February/000023.html
- http://rhn.redhat.com/errata/RHSA-2013-0669.html
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-0254
- agent/software-canonical-lookup
- agent/tags
- agent/event
- vendor/qt
- canonical/qt qt
- version/qt qt/1.41
- version/qt qt/1.42
- version/qt qt/1.43
- version/qt qt/1.44
- version/qt qt/1.45
- version/qt qt/2.0.0
- version/qt qt/2.0.1
- version/qt qt/2.0.2
- version/qt qt/3.3.0
- version/qt qt/3.3.1
- version/qt qt/3.3.2
- version/qt qt/3.3.3
- version/qt qt/3.3.4
- version/qt qt/3.3.5
- version/qt qt/3.3.6
- version/qt qt/4.0.0
- version/qt qt/4.0.1
- version/qt qt/4.1.0
- version/qt qt/4.1.1
- version/qt qt/4.1.2
- version/qt qt/4.1.3
- version/qt qt/4.1.4
- version/qt qt/4.1.5
- version/qt qt/4.2.0
- version/qt qt/4.2.1
- version/qt qt/4.2.3
- version/qt qt/4.3.0
- version/qt qt/4.3.1
- version/qt qt/4.3.2
- version/qt qt/4.3.3
- version/qt qt/4.3.4
- version/qt qt/4.3.5
- version/qt qt/4.4.0
- version/qt qt/4.4.1
- version/qt qt/4.4.2
- version/qt qt/4.4.3
- version/qt qt/4.5.0
- version/qt qt/4.5.1
- version/qt qt/4.5.2
- version/qt qt/4.5.3
- version/qt qt/4.6.0
- version/qt qt/4.6.1
- version/qt qt/4.6.2
- version/qt qt/4.6.3
- version/qt qt/4.6.4
- version/qt qt/4.6.5
- version/qt qt/4.7.0
- version/qt qt/4.7.1
- version/qt qt/4.7.2
- version/qt qt/4.7.3
- version/qt qt/4.7.4
- version/qt qt/4.7.5
- version/qt qt/4.7.6
- version/qt qt/4.8.0
- version/qt qt/4.8.1
- version/qt qt/4.8.2
- version/qt qt/4.8.3
- version/qt qt/4.8.4
- version/qt qt/4.8.5
- version/qt qt/5.0.0
- version/qt qt/5.0.1
- package-manager/redhat