• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Trolltech Qt QTextEdit Multiple Format String Vulnerabilities

Trolltech Qt is prone to multiple format-string vulnerabilities because it fails to securely display error messages.

Exploiting these issues can allow remote attackers to execute arbitrary code in the context of the application using the framework or to cause denial-of-service conditions.

These issues affect only Qt 3; other versions of Qt are not affected. Note that KDE and other applications that use the affected framework are inherently affected.