Vulnerabilities

CVE-2007-0242

by Fred · 03/04/2007

The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.

Date published : 2007-04-03

http://www.securityfocus.com/bid/23269

http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm

Related

Tags: Cybersecurity Alert