Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qt_creator | Nokia | * | 2.0.0 (including) |
| Qt_creator | Nokia | 0.9.1-beta (including) | 0.9.1-beta (including) |
| Qt_creator | Nokia | 0.9.2-rc1 (including) | 0.9.2-rc1 (including) |
| Qt_creator | Nokia | 1.0.0 (including) | 1.0.0 (including) |
| Qt_creator | Nokia | 1.1.0 (including) | 1.1.0 (including) |
| Qt_creator | Nokia | 1.1.0-rc1 (including) | 1.1.0-rc1 (including) |
| Qt_creator | Nokia | 1.2.0 (including) | 1.2.0 (including) |
| Qt_creator | Nokia | 1.2.90 (including) | 1.2.90 (including) |
| Qt_creator | Nokia | 1.3.0 (including) | 1.3.0 (including) |
| Qt_creator | Nokia | 1.3.0-beta (including) | 1.3.0-beta (including) |
| Qt_creator | Nokia | 1.3.0-rc1 (including) | 1.3.0-rc1 (including) |
| Qt_creator | Nokia | 1.3.1 (including) | 1.3.1 (including) |
| Qt_creator | Nokia | 2.0.0-alpha (including) | 2.0.0-alpha (including) |
| Qt_creator | Nokia | 2.0.0-beta (including) | 2.0.0-beta (including) |
| Qt_creator | Nokia | 2.0.0-rc1 (including) | 2.0.0-rc1 (including) |