CVE-2017-10905

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
jpcertCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
qt4-x11
artful
ignored
zesty
ignored
xenial
ignored
trusty
ignored
qtbase-opensource-src
artful
ignored
zesty
ignored
xenial
ignored
trusty
dne
References
https://blog.qt.io/blog/2017/11/22/security-advisory-qt-android/
https://jvn.jp/en/jp/JVN27342829/index.html
https://blog.qt.io/blog/2017/11/22/security-advisory-qt-android/
https://jvn.jp/en/jp/JVN27342829/index.html