CVE-2010-3374
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/10/2010
Last modified:
11/04/2025
Description
Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Impact
Base Score 2.0
6.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:nokia:qt_creator:*:*:*:*:*:*:*:* | 2.0.0 (including) | |
| cpe:2.3:a:nokia:qt_creator:0.9.1:beta:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:0.9.2:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:1.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:1.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:1.1.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:1.2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:1.2.90:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:1.3.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:1.3.0:beta:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:1.3.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:1.3.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:2.0.0:alpha:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:2.0.0:beta:*:*:*:*:*:* | ||
| cpe:2.3:a:nokia:qt_creator:2.0.0:rc1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://qt.nokia.com/about/news/security-announcement-qt-creator-2.0.0-for-desktop-platforms
- http://www.mandriva.com/security/advisories?name=MDVSA-2010%3A193
- http://www.qt.gitorious.org/qt-creator/qt-creator/commit/3c00715c8e90c57953ec4a8716110f6954e524e4
- http://www.securityfocus.com/bid/43672
- http://www.vupen.com/english/advisories/2010/2559
- http://www.vupen.com/english/advisories/2010/2560
- http://qt.nokia.com/about/news/security-announcement-qt-creator-2.0.0-for-desktop-platforms
- http://www.mandriva.com/security/advisories?name=MDVSA-2010%3A193
- http://www.qt.gitorious.org/qt-creator/qt-creator/commit/3c00715c8e90c57953ec4a8716110f6954e524e4
- http://www.securityfocus.com/bid/43672
- http://www.vupen.com/english/advisories/2010/2559
- http://www.vupen.com/english/advisories/2010/2560