CVE-2010-5247

Name of the Vulnerable Software and Affected Versions QtWeb Browser version 3.3 build 043

Description The issue allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory. This can be demonstrated by a directory that contains a .html, .htm, or .mhtml file.

Recommendations For QtWeb Browser version 3.3 build 043, consider restricting access to the current working directory to prevent a Trojan horse wintab32.dll file from being executed, until a fix is available. As a temporary workaround, avoid using the affected browser in directories that contain .html, .htm, or .mhtml files.