qt
Page content
- Author: vmiklos
- Vulnerable: 3.3.7-5terminus1
- Unaffected: 3.3.7-5terminus2
A vulnerability has been reported in Qt, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library. The vulnerability is caused due to an off-by-one error within the “QUtf8Decoder::toUnicode()” function (“QUtf8Codec::convertToUnicode()” in Qt 4.x) in codecs/qutfcodec.cpp. This can be exploited to cause a one-byte heap-based buffer overflow via a specially crafted unicode string.
- Bug Tracker URL: http://bugs.frugalware.org/task/2414