Vulnerability in Trolltech Qt
CVE-2005-0627
Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs.
EPSS: 0.004 (27.8th percentile) — read the EPSS interpretation.
Affected products
- Trolltech Qt — versions 3.0, 3.0.3, 3.0.5
- N/a — versions n/a
References
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
- cve@mitre.org (vendor-advisory, Patch, x_refsource_GENTOO, Vendor Advisory)
- cve@mitre.org (Patch, x_refsource_MISC)