CVE-2005-0627: Medium severity Trolltech Qt vulnerability
Published Mar 4, 2005
·Updated
Qt before 3.3.4 searches the BUILDPREFIX directory, which could be world-writable, to load shared libraries regardless of the LDLIBRARYPATH environment variable, which allows local users to execute arbitrary programs.
Affected Software
12 affected components
Trolltech Qt=3.0
Trolltech Qt=3.0.3
Trolltech Qt=3.0.5
Trolltech Qt=3.1
Trolltech Qt=3.1.1
Trolltech Qt=3.1.2
Trolltech Qt=3.2.1
Trolltech Qt=3.2.3
Trolltech Qt=3.3.0
Trolltech Qt=3.3.1
Trolltech Qt=3.3.2
Trolltech Qt=3.3.3
Remediation
Patch Available
Patch Available
Patch Available
Event History
Mar 4, 2005
CVE Published
via MITRE·10:00 AM
Data Sourced
via MITRE·10:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2005-0627?
CVE-2005-0627 is considered a high-severity vulnerability due to the potential for local users to execute arbitrary programs.
2
How do I fix CVE-2005-0627?
To fix CVE-2005-0627, upgrade to Qt version 3.3.4 or later.
3
What type of systems are affected by CVE-2005-0627?
CVE-2005-0627 affects multiple versions of the Qt framework prior to 3.3.4.
4
Is CVE-2005-0627 a remote exploit?
No, CVE-2005-0627 is a local vulnerability that requires local access to exploit.
5
What are the potential consequences of exploiting CVE-2005-0627?
Exploiting CVE-2005-0627 allows an attacker to execute arbitrary code on the system, leading to a compromise of system integrity.