CVE-2013-0254

The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Affected Products (NVD)
VendorProductVersion
qtqt
1.41
qtqt
1.42
qtqt
1.43
qtqt
1.44
qtqt
1.45
qtqt
2.0.0
qtqt
2.0.1
qtqt
2.0.2
qtqt
3.3.0
qtqt
3.3.1
qtqt
3.3.2
qtqt
3.3.3
qtqt
3.3.4
qtqt
3.3.5
qtqt
3.3.6
qtqt
4.0.0
qtqt
4.0.1
qtqt
4.1.0
qtqt
4.1.1
qtqt
4.1.2
qtqt
4.1.3
qtqt
4.1.4
qtqt
4.1.5
qtqt
4.2.0
qtqt
4.2.1
qtqt
4.2.3
qtqt
4.3.0
qtqt
4.3.1
qtqt
4.3.2
qtqt
4.3.3
qtqt
4.3.4
qtqt
4.3.5
qtqt
4.4.0
qtqt
4.4.1
qtqt
4.4.2
qtqt
4.4.3
qtqt
4.5.0
qtqt
4.5.1
qtqt
4.5.2
qtqt
4.5.3
qtqt
4.6.0
qtqt
4.6.1
qtqt
4.6.2
qtqt
4.6.3
qtqt
4.6.4
qtqt
4.6.5
qtqt
4.7.0
qtqt
4.7.1
qtqt
4.7.2
qtqt
4.7.3
qtqt
4.7.4
qtqt
4.7.5
qtqt
4.7.6
qtqt
4.8.0
qtqt
4.8.1
qtqt
4.8.2
qtqt
4.8.3
qtqt
4.8.4
qtqt
4.8.5
qtqt
5.0.0
qtqt
5.0.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
qt4-x11
hardy
ignored
lucid
Fixed 4:4.6.2-0ubuntu5.6
released
oneiric
Fixed 4:4.7.4-0ubuntu8.3
released
precise
Fixed 4:4.8.1-0ubuntu4.4
released
quantal
Fixed 4:4.8.3+dfsg-0ubuntu3.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libqt4
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
libqt4-32bit
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
libqt4-qt3support
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
libqt4-qt3support-32bit
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
libqt4-sql
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
libqt4-sql-32bit
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
libqt4-sql-mysql
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
libqt4-sql-mysql-32bit
suse enterprise desktop 12
4.8.6-2.6
fixed
suse enterprise desktop 12 SP1
4.8.6-4.1
fixed
suse enterprise desktop 12 SP2
4.8.6-7.1
fixed
suse enterprise desktop 12 SP3
4.8.6-7.1
fixed
suse enterprise desktop 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12
4.8.6-2.6
fixed
suse enterprise sap 12 SP1
4.8.6-4.1
fixed
suse enterprise sap 12 SP2
4.8.6-7.1
fixed
suse enterprise sap 12 SP3
4.8.6-7.1
fixed
suse enterprise sap 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12
4.8.6-2.6
fixed
suse enterprise server 12 SP1
4.8.6-4.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
suse enterprise workstation 12
4.8.6-2.6
fixed
suse enterprise workstation 12 SP1
4.8.6-4.1
fixed
suse enterprise workstation 12 SP2
4.8.6-7.1
fixed
suse enterprise workstation 12 SP3
4.8.6-7.1
fixed
suse enterprise workstation 12 SP4
4.8.7-8.8.1
fixed
suse enterprise workstation 12 SP5
4.8.7-8.8.1
fixed
libqt4-sql-postgresql
suse enterprise desktop 12
4.8.6-2.6
fixed
suse enterprise desktop 12 SP1
4.8.6-4.1
fixed
suse enterprise desktop 12 SP2
4.8.6-7.1
fixed
suse enterprise desktop 12 SP3
4.8.6-7.1
fixed
suse enterprise desktop 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12
4.8.6-2.6
fixed
suse enterprise sap 12 SP1
4.8.6-4.1
fixed
suse enterprise sap 12 SP2
4.8.6-7.1
fixed
suse enterprise sap 12 SP3
4.8.6-7.1
fixed
suse enterprise sap 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12
4.8.6-2.6
fixed
suse enterprise server 12 SP1
4.8.6-4.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
suse enterprise workstation 12
4.8.6-2.6
fixed
suse enterprise workstation 12 SP1
4.8.6-4.1
fixed
suse enterprise workstation 12 SP2
4.8.6-7.1
fixed
suse enterprise workstation 12 SP3
4.8.6-7.1
fixed
suse enterprise workstation 12 SP4
4.8.7-8.8.1
fixed
suse enterprise workstation 12 SP5
4.8.7-8.8.1
fixed
libqt4-sql-postgresql-32bit
suse enterprise desktop 12
4.8.6-2.6
fixed
suse enterprise desktop 12 SP1
4.8.6-4.1
fixed
suse enterprise desktop 12 SP2
4.8.6-7.1
fixed
suse enterprise desktop 12 SP3
4.8.6-7.1
fixed
suse enterprise desktop 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12
4.8.6-2.6
fixed
suse enterprise sap 12 SP1
4.8.6-4.1
fixed
suse enterprise sap 12 SP2
4.8.6-7.1
fixed
suse enterprise sap 12 SP3
4.8.6-7.1
fixed
suse enterprise sap 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12
4.8.6-2.6
fixed
suse enterprise server 12 SP1
4.8.6-4.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
suse enterprise workstation 12
4.8.6-2.6
fixed
suse enterprise workstation 12 SP1
4.8.6-4.1
fixed
suse enterprise workstation 12 SP2
4.8.6-7.1
fixed
suse enterprise workstation 12 SP3
4.8.6-7.1
fixed
suse enterprise workstation 12 SP4
4.8.7-8.8.1
fixed
suse enterprise workstation 12 SP5
4.8.7-8.8.1
fixed
libqt4-sql-sqlite
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
libqt4-sql-sqlite-32bit
suse enterprise desktop 12
4.8.6-2.11
fixed
suse enterprise desktop 12 SP1
4.8.6-4.2
fixed
suse enterprise desktop 12 SP2
4.8.6-7.1
fixed
suse enterprise desktop 12 SP3
4.8.6-7.1
fixed
suse enterprise desktop 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12
4.8.6-2.11
fixed
suse enterprise sap 12 SP1
4.8.6-4.2
fixed
suse enterprise sap 12 SP2
4.8.6-7.1
fixed
suse enterprise sap 12 SP3
4.8.6-7.1
fixed
suse enterprise sap 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12
4.8.6-2.11
fixed
suse enterprise server 12 SP1
4.8.6-4.2
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
suse enterprise workstation 12
4.8.6-2.11
fixed
suse enterprise workstation 12 SP1
4.8.6-4.2
fixed
suse enterprise workstation 12 SP2
4.8.6-7.1
fixed
suse enterprise workstation 12 SP3
4.8.6-7.1
fixed
suse enterprise workstation 12 SP4
4.8.7-8.8.1
fixed
suse enterprise workstation 12 SP5
4.8.7-8.8.1
fixed
libqt4-sql-unixODBC
suse enterprise desktop 12
4.8.6-2.6
fixed
suse enterprise desktop 12 SP1
4.8.6-4.1
fixed
suse enterprise desktop 12 SP2
4.8.6-7.1
fixed
suse enterprise desktop 12 SP3
4.8.6-7.1
fixed
suse enterprise desktop 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12
4.8.6-2.6
fixed
suse enterprise sap 12 SP1
4.8.6-4.1
fixed
suse enterprise sap 12 SP2
4.8.6-7.1
fixed
suse enterprise sap 12 SP3
4.8.6-7.1
fixed
suse enterprise sap 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12
4.8.6-2.6
fixed
suse enterprise server 12 SP1
4.8.6-4.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
suse enterprise workstation 12
4.8.6-2.6
fixed
suse enterprise workstation 12 SP1
4.8.6-4.1
fixed
suse enterprise workstation 12 SP2
4.8.6-7.1
fixed
suse enterprise workstation 12 SP3
4.8.6-7.1
fixed
suse enterprise workstation 12 SP4
4.8.7-8.8.1
fixed
suse enterprise workstation 12 SP5
4.8.7-8.8.1
fixed
libqt4-sql-unixODBC-32bit
suse enterprise desktop 12
4.8.6-2.6
fixed
suse enterprise desktop 12 SP1
4.8.6-4.1
fixed
suse enterprise desktop 12 SP2
4.8.6-7.1
fixed
suse enterprise desktop 12 SP3
4.8.6-7.1
fixed
suse enterprise desktop 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12
4.8.6-2.6
fixed
suse enterprise sap 12 SP1
4.8.6-4.1
fixed
suse enterprise sap 12 SP2
4.8.6-7.1
fixed
suse enterprise sap 12 SP3
4.8.6-7.1
fixed
suse enterprise sap 12 SP4
4.8.7-8.8.1
fixed
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12
4.8.6-2.6
fixed
suse enterprise server 12 SP1
4.8.6-4.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
suse enterprise workstation 12
4.8.6-2.6
fixed
suse enterprise workstation 12 SP1
4.8.6-4.1
fixed
suse enterprise workstation 12 SP2
4.8.6-7.1
fixed
suse enterprise workstation 12 SP3
4.8.6-7.1
fixed
suse enterprise workstation 12 SP4
4.8.7-8.8.1
fixed
suse enterprise workstation 12 SP5
4.8.7-8.8.1
fixed
libqt4-x11
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
libqt4-x11-32bit
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.1
fixed
suse enterprise server 12 SP3
4.8.6-7.1
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
qt4-x11-tools
suse enterprise sap 12 SP5
4.8.7-8.8.1
fixed
suse enterprise server 12 SP2
4.8.6-7.3
fixed
suse enterprise server 12 SP3
4.8.6-7.3
fixed
suse enterprise server 12 SP4
4.8.7-8.8.1
fixed
suse enterprise server 12 SP5
4.8.7-8.8.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
phonon-backend-gstreamer
RHEL 6
1:4.6.2-26.el6_4
fixed
qt
RHEL 6
1:4.6.2-26.el6_4
fixed
qt-demos
RHEL 6
1:4.6.2-26.el6_4
fixed
qt-devel
RHEL 6
1:4.6.2-26.el6_4
fixed
qt-doc
RHEL 6
1:4.6.2-26.el6_4
fixed
qt-examples
RHEL 6
1:4.6.2-26.el6_4
fixed
qt-mysql
RHEL 6
1:4.6.2-26.el6_4
fixed
qt-odbc
RHEL 6
1:4.6.2-26.el6_4
fixed
qt-postgresql
RHEL 6
1:4.6.2-26.el6_4
fixed
qt-sqlite
RHEL 6
1:4.6.2-26.el6_4
fixed
qt-x11
RHEL 6
1:4.6.2-26.el6_4
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-updates/2013-03/msg00014.html
http://lists.opensuse.org/opensuse-updates/2013-03/msg00015.html
http://lists.opensuse.org/opensuse-updates/2013-03/msg00019.html
http://lists.qt-project.org/pipermail/announce/2013-February/000023.html
http://rhn.redhat.com/errata/RHSA-2013-0669.html
https://bugzilla.redhat.com/show_bug.cgi?id=907425
http://lists.opensuse.org/opensuse-updates/2013-03/msg00014.html
http://lists.opensuse.org/opensuse-updates/2013-03/msg00015.html
http://lists.opensuse.org/opensuse-updates/2013-03/msg00019.html
http://lists.qt-project.org/pipermail/announce/2013-February/000023.html
http://rhn.redhat.com/errata/RHSA-2013-0669.html
https://bugzilla.redhat.com/show_bug.cgi?id=907425