CVE-2013-0254

Common Vulnerabilities and Exposures

Upstream information

CVE-2013-0254 at MITRE

Description

The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server.

NVD CVSS v2 Base Score: 3.6 (AV:L/AC:L/Au:N/C:P/I:P/A:N)

Novell/SUSE information

Novell Bugzilla entry: 802634

SUSE Security Advisories:

openSUSE-SU-2013:0403-1, published Thu, 7 Mar 2013 12:04:28 +0100 (CET)
openSUSE-SU-2013:0404-1, published Thu, 7 Mar 2013 13:04:27 +0100 (CET)
openSUSE-SU-2013:0411-1, published Sat, 9 Mar 2013 20:04:27 +0100 (CET)

List of released packages

Product(s)	Fixed package version(s)	References
SLE 11 SP2 DEBUGINFO	`libqt4-debuginfo >= 4.6.3-5.20.23.1` `libqt4-debugsource >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441
SLE 11 SP2 DEBUGINFO	`libqt4-debuginfo >= 4.6.3-5.20.23.1` `libqt4-debuginfo-x86 >= 4.6.3-5.20.23.1` `libqt4-debugsource >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441
SLE 11 SP2 DEBUGINFO	`libqt4-debuginfo >= 4.6.3-5.20.23.1` `libqt4-debuginfo-32bit >= 4.6.3-5.20.23.1` `libqt4-debugsource >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441
SUSE Linux Enterprise Software Development Kit 11 SP2	`libQtWebKit-devel >= 4.6.3-5.20.23.1` `libqt4-devel >= 4.6.3-5.20.23.1` `libqt4-devel-doc >= 4.6.3-5.20.23.1` `libqt4-devel-doc-data >= 4.6.3-5.20.23.1` `libqt4-sql-postgresql >= 4.6.3-5.20.23.1` `libqt4-sql-unixODBC >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441
SUSE Linux Enterprise Software Development Kit 11 SP2	`libQtWebKit-devel >= 4.6.3-5.20.23.1` `libQtWebKit4-x86 >= 4.6.3-5.20.23.1` `libqt4-devel >= 4.6.3-5.20.23.1` `libqt4-devel-doc >= 4.6.3-5.20.23.1` `libqt4-devel-doc-data >= 4.6.3-5.20.23.1` `libqt4-sql-mysql-x86 >= 4.6.3-5.20.23.1` `libqt4-sql-postgresql >= 4.6.3-5.20.23.1` `libqt4-sql-postgresql-x86 >= 4.6.3-5.20.23.1` `libqt4-sql-sqlite-x86 >= 4.6.3-5.20.23.1` `libqt4-sql-unixODBC >= 4.6.3-5.20.23.1` `libqt4-sql-unixODBC-x86 >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441
SUSE Linux Enterprise Software Development Kit 11 SP2	`libQtWebKit-devel >= 4.6.3-5.20.23.1` `libQtWebKit4-32bit >= 4.6.3-5.20.23.1` `libqt4-devel >= 4.6.3-5.20.23.1` `libqt4-devel-doc >= 4.6.3-5.20.23.1` `libqt4-devel-doc-data >= 4.6.3-5.20.23.1` `libqt4-sql-mysql-32bit >= 4.6.3-5.20.23.1` `libqt4-sql-postgresql >= 4.6.3-5.20.23.1` `libqt4-sql-postgresql-32bit >= 4.6.3-5.20.23.1` `libqt4-sql-sqlite-32bit >= 4.6.3-5.20.23.1` `libqt4-sql-unixODBC >= 4.6.3-5.20.23.1` `libqt4-sql-unixODBC-32bit >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441
SUSE Linux Enterprise Desktop 11 SP2	`libQtWebKit4 >= 4.6.3-5.20.23.1` `libqt4 >= 4.6.3-5.20.23.1` `libqt4-qt3support >= 4.6.3-5.20.23.1` `libqt4-sql >= 4.6.3-5.20.23.1` `libqt4-sql-mysql >= 4.6.3-5.20.23.1` `libqt4-sql-postgresql >= 4.6.3-5.20.23.1` `libqt4-sql-sqlite >= 4.6.3-5.20.23.1` `libqt4-sql-unixODBC >= 4.6.3-5.20.23.1` `libqt4-x11 >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441
SUSE Linux Enterprise Desktop 11 SP2	`libQtWebKit4 >= 4.6.3-5.20.23.1` `libQtWebKit4-32bit >= 4.6.3-5.20.23.1` `libqt4 >= 4.6.3-5.20.23.1` `libqt4-32bit >= 4.6.3-5.20.23.1` `libqt4-qt3support >= 4.6.3-5.20.23.1` `libqt4-qt3support-32bit >= 4.6.3-5.20.23.1` `libqt4-sql >= 4.6.3-5.20.23.1` `libqt4-sql-32bit >= 4.6.3-5.20.23.1` `libqt4-sql-mysql >= 4.6.3-5.20.23.1` `libqt4-sql-mysql-32bit >= 4.6.3-5.20.23.1` `libqt4-sql-postgresql >= 4.6.3-5.20.23.1` `libqt4-sql-postgresql-32bit >= 4.6.3-5.20.23.1` `libqt4-sql-sqlite >= 4.6.3-5.20.23.1` `libqt4-sql-sqlite-32bit >= 4.6.3-5.20.23.1` `libqt4-sql-unixODBC >= 4.6.3-5.20.23.1` `libqt4-sql-unixODBC-32bit >= 4.6.3-5.20.23.1` `libqt4-x11 >= 4.6.3-5.20.23.1` `libqt4-x11-32bit >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441
SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware	`libQtWebKit4 >= 4.6.3-5.20.23.1` `libqt4 >= 4.6.3-5.20.23.1` `libqt4-qt3support >= 4.6.3-5.20.23.1` `libqt4-sql >= 4.6.3-5.20.23.1` `libqt4-sql-mysql >= 4.6.3-5.20.23.1` `libqt4-sql-sqlite >= 4.6.3-5.20.23.1` `libqt4-x11 >= 4.6.3-5.20.23.1` `qt4-x11-tools >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441
SUSE Linux Enterprise Server 11 SP2	`libQtWebKit4 >= 4.6.3-5.20.23.1` `libQtWebKit4-x86 >= 4.6.3-5.20.23.1` `libqt4 >= 4.6.3-5.20.23.1` `libqt4-qt3support >= 4.6.3-5.20.23.1` `libqt4-qt3support-x86 >= 4.6.3-5.20.23.1` `libqt4-sql >= 4.6.3-5.20.23.1` `libqt4-sql-mysql >= 4.6.3-5.20.23.1` `libqt4-sql-sqlite >= 4.6.3-5.20.23.1` `libqt4-sql-x86 >= 4.6.3-5.20.23.1` `libqt4-x11 >= 4.6.3-5.20.23.1` `libqt4-x11-x86 >= 4.6.3-5.20.23.1` `libqt4-x86 >= 4.6.3-5.20.23.1` `qt4-x11-tools >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441
SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware	`libQtWebKit4 >= 4.6.3-5.20.23.1` `libQtWebKit4-32bit >= 4.6.3-5.20.23.1` `libqt4 >= 4.6.3-5.20.23.1` `libqt4-32bit >= 4.6.3-5.20.23.1` `libqt4-qt3support >= 4.6.3-5.20.23.1` `libqt4-qt3support-32bit >= 4.6.3-5.20.23.1` `libqt4-sql >= 4.6.3-5.20.23.1` `libqt4-sql-32bit >= 4.6.3-5.20.23.1` `libqt4-sql-mysql >= 4.6.3-5.20.23.1` `libqt4-sql-sqlite >= 4.6.3-5.20.23.1` `libqt4-x11 >= 4.6.3-5.20.23.1` `libqt4-x11-32bit >= 4.6.3-5.20.23.1` `qt4-x11-tools >= 4.6.3-5.20.23.1`	Builds SAT Patch Nr: 7441

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy