CVE-2007-4137
Scores
EPSS
0.000none0.0%
0%20%40%60%80%100%
Percentile: 0.0%
CVSS
7.5high2.0
0246810
CVSS Score: 7.5/10
All CVSS Scores
CVSS 2.0
7.5Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
AC:L
Authentication
None (N)
Describes the level of privileges an attacker must possess
Au:N
Confidentiality Impact
Partial
Measures the impact to the confidentiality of information
C:P
Integrity Impact
Partial
Measures the impact to integrity of a successfully exploited vulnerability
I:P
Availability Impact
Partial
Measures the impact to the availability of the impacted component
A:P
Description
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
Scaner-VS 7 — a modern vulnerability management solution
Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7Sources
debiannvd
CWEs
CWE-119
Related Vulnerabilities
BDU:2015-02985BDU:2015-02986BDU:2015-02987BDU:2015-02988BDU:2015-02989BDU:2015-02990BDU:2015-02991BDU:2015-02992BDU:2015-02993BDU:2015-02994BDU:2015-02995BDU:2015-02996BDU:2015-02997BDU:2015-02998BDU:2015-02999BDU:2015-03000BDU:2015-03001BDU:2015-03002BDU:2015-03003BDU:2015-03004BDU:2015-03005BDU:2015-03006BDU:2015-03007BDU:2015-03008BDU:2015-03009BDU:2015-03010BDU:2015-03011BDU:2015-03012BDU:2015-03013BDU:2015-03014BDU:2015-03015BDU:2015-03016BDU:2015-03017BDU:2015-03018BDU:2015-06485BDU:2015-06486BDU:2015-06487BDU:2015-06488BDU:2015-06489BDU:2015-06490BDU:2015-06491BDU:2015-06492BDU:2015-06493BDU:2015-09594
Vulnerable Software (3)
Type: Configuration
Product: qt-x11-free
Operating System: debian
Trait:
{ "fixed": "3:3.3.7-8"}
Source: debian
Type: Configuration
Product: qt4-x11
Operating System: debian
Trait:
{ "unaffected": true}
Source: debian
Type: Configuration
Vendor: trolltech
Product: qt
Operating System: * * *
Trait:
{ "children": [ { "cpe_match": [ { "cpe23uri": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:conectiva:linux:10.0:*:...
{ "children": [ { "cpe_match": [ { "cpe23uri": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client_workstation:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:linux:2.1:*:aw_itanium:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:linux:3.0:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:amd64:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:i386:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:powerpc:*:*:*:*:*" }, { "cpe23uri": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:sparc:*:*:*:*:*" } ], "operator": "OR" }, { "cpe_match": [ { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.0.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.0.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.1.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.1.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.2.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.2.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.3.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.3.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.3.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.3.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.3.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.3.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.3.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.3.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:3.3.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:4.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:4.1.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:4.1.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:4.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:4.2.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:trolltech:qt:4.2.3:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR" } ], "operator": "AND"}
Source: nvd