3.6

CVE-2013-0254

The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server.

Data is provided by the National Vulnerability Database (NVD)
QtQt Version1.41
QtQt Version1.42
QtQt Version1.43
QtQt Version1.44
QtQt Version1.45
QtQt Version2.0.0
QtQt Version2.0.1
QtQt Version2.0.2
QtQt Version3.3.0
QtQt Version3.3.1
QtQt Version3.3.2
QtQt Version3.3.3
QtQt Version3.3.4
QtQt Version3.3.5
QtQt Version3.3.6
QtQt Version4.0.0
QtQt Version4.0.1
QtQt Version4.1.0
QtQt Version4.1.1
QtQt Version4.1.2
QtQt Version4.1.3
QtQt Version4.1.4
QtQt Version4.1.5
QtQt Version4.2.0
QtQt Version4.2.1
QtQt Version4.2.3
QtQt Version4.3.0
QtQt Version4.3.1
QtQt Version4.3.2
QtQt Version4.3.3
QtQt Version4.3.4
QtQt Version4.3.5
QtQt Version4.4.0
QtQt Version4.4.1
QtQt Version4.4.2
QtQt Version4.4.3
QtQt Version4.5.0
QtQt Version4.5.1
QtQt Version4.5.2
QtQt Version4.5.3
QtQt Version4.6.0
QtQt Version4.6.1
QtQt Version4.6.2
QtQt Version4.6.3
QtQt Version4.6.4
QtQt Version4.6.5
QtQt Version4.7.0
QtQt Version4.7.1
QtQt Version4.7.2
QtQt Version4.7.3
QtQt Version4.7.4
QtQt Version4.7.5
QtQt Version4.7.6
QtQt Version4.8.0
QtQt Version4.8.1
QtQt Version4.8.2
QtQt Version4.8.3
QtQt Version4.8.4
QtQt Version4.8.5
QtQt Version5.0.0
QtQt Version5.0.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.08% 0.248
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 3.6 3.9 4.9
AV:L/AC:L/Au:N/C:P/I:P/A:N