6.9
CVE-2010-3374
- EPSS 0.35%
- Veröffentlicht 04.10.2010 21:00:04
- Zuletzt bearbeitet 16.06.2026 23:22:39
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Nokia ≫ Qt Creator Version <= 2.0.0
Nokia ≫ Qt Creator Version0.9.1 Updatebeta
Nokia ≫ Qt Creator Version0.9.2 Updaterc1
Nokia ≫ Qt Creator Version1.0.0
Nokia ≫ Qt Creator Version1.1.0
Nokia ≫ Qt Creator Version1.1.0 Updaterc1
Nokia ≫ Qt Creator Version1.2.0
Nokia ≫ Qt Creator Version1.2.90
Nokia ≫ Qt Creator Version1.3.0
Nokia ≫ Qt Creator Version1.3.0 Updatebeta
Nokia ≫ Qt Creator Version1.3.0 Updaterc1
Nokia ≫ Qt Creator Version1.3.1
Nokia ≫ Qt Creator Version2.0.0 Updatealpha
Nokia ≫ Qt Creator Version2.0.0 Updatebeta
Nokia ≫ Qt Creator Version2.0.0 Updaterc1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.35% | 0.264 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.9 | 3.4 | 10 |
AV:L/AC:M/Au:N/C:C/I:C/A:C
|
http://qt.nokia.com/about/news/security-announcement-qt-creator-2.0.0-for-desktop-platforms
http://www.mandriva.com/security/advisories?name=MDVSA-2010:193
http://www.qt.gitorious.org/qt-creator/qt-creator/commit/3c00715c8e90c57953ec4a8716110f6954e524e4
http://www.securityfocus.com/bid/43672
http://www.vupen.com/english/advisories/2010/2559
http://www.vupen.com/english/advisories/2010/2560