PublicDate: 2007-04-03 16:19:00 UTC
Candidate: CVE-2007-0242
References:
 https://ubuntu.com/security/notices/USN-452-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242
Description:
 The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not
 reject long UTF-8 sequences as required by the standard, which allows
 remote attackers to conduct cross-site scripting (XSS) and directory
 traversal attacks via long sequences that decode to dangerous
 metacharacters.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_kdelibs: released (3.5.2-0ubuntu18.5)
edgy_kdelibs: released (3.5.5-0ubuntu3.5)
feisty_kdelibs: released (3.5.6-0ubuntu14.1)
devel_kdelibs: released (3.5.7-1ubuntu14)
dapper_qt4-x11: not-affected
edgy_qt4-x11: not-affected
feisty_qt4-x11: not-affected
devel_qt4-x11: released (4.3.1-0ubuntu2)
dapper_qt-x11-free: released (3.3.6-1ubuntu6.4)
edgy_qt-x11-free: released (3.3.6-3ubuntu3.3)
feisty_qt-x11-free: released (3.3.8really3.3.7-0ubuntu5.2)
devel_qt-x11-free: released (3.3.8really3.3.7-0ubuntu10)
upstream_kdelibs: needs-triage
upstream_qt-x11-free: needs-triage
upstream_qt4-x11: needs-triage