CVE-2012-5624
Description
The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.
Risk Information
Base Score
5.5
MODERATE
Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
1.869
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Qt 4 libraries (USN-1723-1) libqt4-core_4.8.1-0ubuntu4_i386.deb | Linux |
| Qt 4 libraries (USN-1723-1) libqt4-core_4.8.1-0ubuntu4_amd64.deb | Linux |
| Qt 4 libraries (USN-1723-1) libqt4-core_4.8.1-0ubuntu4.9_i386.deb | Linux |
| Qt 4 libraries (USN-1723-1) libqt4-core_4.8.1-0ubuntu4.9_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234