Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qt | Trolltech | * | 3.3.7 (including) |
| Qt-x11-free | Ubuntu | dapper | * |
| Qt-x11-free | Ubuntu | devel | * |
| Qt-x11-free | Ubuntu | edgy | * |
| Qt-x11-free | Ubuntu | feisty | * |
| Red Hat Enterprise Linux 3 | RedHat | qt-1:3.1.2-16.RHEL3 | * |
| Red Hat Enterprise Linux 4 | RedHat | qt-1:3.3.3-11.RHEL4 | * |
| Red Hat Enterprise Linux 5 | RedHat | qt-1:3.3.6-21.el5 | * |