CVE-2013-0254

The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server.

Published: Feb 6, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-0254
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
qt / qt	1.41	1.41.x
qt / qt	1.44	1.44.x
qt / qt	1.45	1.45.x
qt / qt	1.42	1.42.x
qt / qt	1.43	1.43.x
qt / qt	2.0.0	2.0.0.x
qt / qt	2.0.1	2.0.1.x
qt / qt	2.0.2	2.0.2.x
qt / qt	3.3.0	3.3.0.x
qt / qt	3.3.3	3.3.3.x
qt / qt	3.3.4	3.3.4.x
qt / qt	3.3.1	3.3.1.x
qt / qt	3.3.2	3.3.2.x
qt / qt	3.3.5	3.3.5.x
qt / qt	3.3.6	3.3.6.x
qt / qt	4.0.1	4.0.1.x
qt / qt	4.1.0	4.1.0.x
qt / qt	4.1.3	4.1.3.x
qt / qt	4.1.4	4.1.4.x
qt / qt	4.1.1	4.1.1.x
qt / qt	4.1.2	4.1.2.x
qt / qt	4.1.5	4.1.5.x
qt / qt	4.0.0	4.0.0.x
qt / qt	4.2.3	4.2.3.x
qt / qt	4.2.1	4.2.1.x
qt / qt	4.2.0	4.2.0.x
qt / qt	4.3.2	4.3.2.x
qt / qt	4.3.3	4.3.3.x
qt / qt	4.3.0	4.3.0.x
qt / qt	4.3.1	4.3.1.x
qt / qt	4.3.4	4.3.4.x
qt / qt	4.3.5	4.3.5.x
qt / qt	4.4.0	4.4.0.x
qt / qt	4.4.1	4.4.1.x
qt / qt	4.4.2	4.4.2.x
qt / qt	4.4.3	4.4.3.x
qt / qt	4.5.0	4.5.0.x
qt / qt	4.5.1	4.5.1.x
qt / qt	4.5.2	4.5.2.x
qt / qt	4.5.3	4.5.3.x
qt / qt	4.6.0	4.6.0.x
qt / qt	4.6.3	4.6.3.x
qt / qt	4.6.4	4.6.4.x
qt / qt	4.6.1	4.6.1.x
qt / qt	4.6.2	4.6.2.x
qt / qt	4.6.5	4.6.5.x
qt / qt	4.7.2	4.7.2.x
qt / qt	4.7.3	4.7.3.x
qt / qt	4.7.0	4.7.0.x
qt / qt	4.7.1	4.7.1.x
qt / qt	4.7.5	4.7.5.x
qt / qt	4.7.4	4.7.4.x
qt / qt	4.7.6	4.7.6.x
qt / qt	4.8.2	4.8.2.x
qt / qt	4.8.3	4.8.3.x
qt / qt	4.8.0	4.8.0.x
qt / qt	4.8.1	4.8.1.x
qt / qt	4.8.4	4.8.4.x
qt / qt	4.8.5	4.8.5.x
qt / qt	5.0.1	5.0.1.x
qt / qt	5.0.0	5.0.0.x

Vulnerability Database

289,599

CVE-2013-0254