CVE-2013-0254

Name of the Vulnerable Software and Affected Versions Qt versions 4.4.0 through 4.7.5 Qt versions 4.8.x before 4.8.5 Qt version 5.0.0 qt-x11 versions (affected versions not specified) qt-demos-4.6.2 version qt-doc-4.6.2 version qt-examples-4.6.2 version qt-debuginfo-4.6.2 version qt-devel-4.6.2 version phonon-backend-gstreamer-4.6.2 version

Description The vulnerability may lead to a breach of confidentiality, integrity, and availability of protected information. It can be exploited remotely. The QSharedMemory class in Qt uses weak permissions for shared memory segments, allowing local users to read sensitive information or modify critical program data.

Recommendations For Qt versions 4.4.0 through 4.7.5, update to a version later than 4.7.5. For Qt versions 4.8.x before 4.8.5, update to version 4.8.5 or later. For Qt version 5.0.0, update to a version later than 5.0.0. For qt-x11, qt-demos-4.6.2, qt-doc-4.6.2, qt-examples-4.6.2, qt-debuginfo-4.6.2, qt-devel-4.6.2, and phonon-backend-gstreamer-4.6.2, update to a version that is not affected by the vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability for some of the affected packages.