CVE-2013-0254
Description
The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server.
Risk Information
Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.086
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Qt 4 libraries (USN-1723-1) libqt4-core_4.8.1-0ubuntu4_i386.deb | Linux |
| Qt 4 libraries (USN-1723-1) libqt4-core_4.8.1-0ubuntu4_amd64.deb | Linux |
| Qt 4 libraries (USN-1723-1) libqt4-core_4.8.1-0ubuntu4.9_i386.deb | Linux |
| Qt 4 libraries (USN-1723-1) libqt4-core_4.8.1-0ubuntu4.9_amd64.deb | Linux |
| (RHSA-2013:0669) Moderate: qt security update phonon-backend-gstreamer-4.6.2-26.el6_4.i686.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update phonon-backend-gstreamer-4.6.2-26.el6_4.x86_64.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-4.6.2-26.el6_4.i686.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-4.6.2-26.el6_4.x86_64.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-demos-4.6.2-26.el6_4.i686.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-demos-4.6.2-26.el6_4.x86_64.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-devel-4.6.2-26.el6_4.i686.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-devel-4.6.2-26.el6_4.x86_64.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-doc-4.6.2-26.el6_4.noarch.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-examples-4.6.2-26.el6_4.i686.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-examples-4.6.2-26.el6_4.x86_64.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-mysql-4.6.2-26.el6_4.i686.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-mysql-4.6.2-26.el6_4.x86_64.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-odbc-4.6.2-26.el6_4.i686.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-odbc-4.6.2-26.el6_4.x86_64.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-postgresql-4.6.2-26.el6_4.i686.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-postgresql-4.6.2-26.el6_4.x86_64.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-sqlite-4.6.2-26.el6_4.i686.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-sqlite-4.6.2-26.el6_4.x86_64.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-x11-4.6.2-26.el6_4.i686.rpm | Linux |
| (RHSA-2013:0669) Moderate: qt security update qt-x11-4.6.2-26.el6_4.x86_64.rpm | Linux |
Patch Details
No records found
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234