qt4
Page content
- Author: voroskoi
- Vulnerable: 4.2.3-1
- Unaffected: 4.2.3-2terminus1
Andreas Nolden has reported a vulnerability in Qt, which potentially can be exploited to conduct cross-site scripting attacks in applications using the Qt libraries. The vulnerability is caused due to Qt not properly rejecting overly long UTF-8 character sequences. This can be exploited to bypass certain character sanitation mechanisms and allow e.g. the execution of HTML and script code in applications depending on the correct behavior.
- Bug Tracker URL: http://bugs.frugalware.org/task/1909