Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2012-5624

The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.

  • Published: Feb 24, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-5624
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
qt / qt 4.2.3 4.2.3.x
digia / qt - 4.8.3.x
qt / qt 1.41 1.41.x
qt / qt 1.44 1.44.x
qt / qt 1.45 1.45.x
qt / qt 1.42 1.42.x
qt / qt 1.43 1.43.x
qt / qt 2.0.0 2.0.0.x
qt / qt 3.3.0 3.3.0.x
qt / qt 2.0.1 2.0.1.x
qt / qt 2.0.2 2.0.2.x
qt / qt 3.3.3 3.3.3.x
qt / qt 3.3.4 3.3.4.x
qt / qt 3.3.1 3.3.1.x
qt / qt 3.3.2 3.3.2.x
qt / qt 4.0.1 4.0.1.x
qt / qt 4.1.0 4.1.0.x
qt / qt 3.3.5 3.3.5.x
qt / qt 3.3.6 3.3.6.x
qt / qt 4.1.3 4.1.3.x
qt / qt 4.1.4 4.1.4.x
qt / qt 4.1.1 4.1.1.x
qt / qt 4.1.2 4.1.2.x
qt / qt 4.2.1 4.2.1.x
qt / qt 4.1.5 4.1.5.x
qt / qt 4.3.2 4.3.2.x
qt / qt 4.3.3 4.3.3.x
qt / qt 4.3.0 4.3.0.x
qt / qt 4.3.1 4.3.1.x
qt / qt 4.4.0 4.4.0.x
qt / qt 4.4.1 4.4.1.x
qt / qt 4.3.4 4.3.4.x
qt / qt 4.3.5 4.3.5.x
qt / qt 4.5.0 4.5.0.x
qt / qt 4.5.1 4.5.1.x
qt / qt 4.4.2 4.4.2.x
qt / qt 4.4.3 4.4.3.x
qt / qt 4.6.0 4.6.0.x
qt / qt 4.6.0-rc1 4.6.0-rc1.x
qt / qt 4.5.2 4.5.2.x
qt / qt 4.5.3 4.5.3.x
qt / qt 4.6.3 4.6.3.x
qt / qt 4.6.4 4.6.4.x
qt / qt 4.6.1 4.6.1.x
qt / qt 4.6.2 4.6.2.x
qt / qt 4.7.2 4.7.2.x
qt / qt 4.7.3 4.7.3.x
qt / qt 4.7.0 4.7.0.x
qt / qt 4.7.1 4.7.1.x
qt / qt 4.2.0 4.2.0.x
qt / qt 4.7.5 4.7.5.x
qt / qt 4.7.4 4.7.4.x
qt / qt 4.0.0 4.0.0.x
qt / qt 4.8.2 4.8.2.x
qt / qt 4.6.5-rc 4.6.5-rc.x
qt / qt 4.6.5 4.6.5.x
qt / qt 4.7.6 4.7.6.x
qt / qt 4.7.6-rc 4.7.6-rc.x
qt / qt 4.8.0 4.8.0.x
qt / qt 4.8.1 4.8.1.x
canonical / ubuntu_linux 11.10 11.10.x
canonical / ubuntu_linux 12.10 12.10.x
canonical / ubuntu_linux 12.04 12.04.x
canonical / ubuntu_linux 10.04 10.04.x