QT : Security Vulnerabilities, CVEs, Published In 2007 (Directory traversal)
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.
Max CVSS
4.3
EPSS Score
2.40%
Published
2007-04-03
Updated
2017-10-11
1 vulnerabilities found