
List:       full-disclosure
Subject:    Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure
From:       security curmudgeon <jericho () attrition ! org>
Date:       2010-08-30 18:17:08
Message-ID: alpine.LNX.2.00.1008301313510.6244 () forced ! attrition ! org



: 1. OVERVIEW
: 
: The QtWeb Browser application is vulnerable to Insecure DLL Hijacking 
: Vulnerability. Similar terms that describe this vulnerability have 
: come up, such as Remote Binary Planting and Insecure DLL 
: Loading/Injection/Hijacking/Preloading.

: 3. VULNERABILITY DESCRIPTION
: 
: The QtWeb Browser application passes an insufficiently qualified path in 
: loading an external library, "wintab32.dll" when a user opens its 
: associated file with extensions - htm, html, mhtml.
: 
: 4. VERSIONS AFFECTED
: 
: 3.3 build 043 and lower

Virtually all Qt based applications will be vulnerable to this.

We've seen the first wave of reports of "X is vulnerable, looking for Y 
library", but we haven't seen a lot of details or follow-up on where the 
inclusion of the library comes from. Popular libraries and cross-platform 
frameworks that are vulnerable will in turn affect any product or 
software that uses them.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
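
Added example, not part of the original message and not QtWeb or Qt code: one way to follow up on where a library reference comes from is to check which shipped module embeds the DLL name and whether that string carries an absolute path. The module names and byte blobs below are constructed for illustration; `find_refs` and `attribute` are hypothetical helper names.

```python
import re

ABSOLUTE = re.compile(r"^(?:[A-Za-z]:[\\/]|\\\\)")  # drive-rooted or UNC prefix

def find_refs(blob: bytes, dll: str):
    """Return (encoding, string, kind) for each embedded string ending in dll."""
    refs = []
    # Windows binaries carry names as ASCII or as UTF-16LE (wide) strings.
    for enc, run in (("ascii", rb"[\x20-\x7e]*"),
                     ("utf-16-le", rb"(?:[\x20-\x7e]\x00)*")):
        pattern = re.compile(run + re.escape(dll.encode(enc)), re.IGNORECASE)
        for m in pattern.finditer(blob):
            text = m.group().decode(enc)
            prefix = text[: -len(dll)]  # whatever precedes the file name
            if not prefix:
                kind = "bare"        # resolved through the DLL search order
            elif ABSOLUTE.match(prefix):
                kind = "absolute"    # pinned to one location
            else:
                kind = "relative"    # still depends on the current directory
            refs.append((enc, text, kind))
    return refs

def attribute(modules: dict, dll: str):
    """Map module name -> refs for modules naming dll without an absolute path."""
    findings = {}
    for name, blob in modules.items():
        risky = [r for r in find_refs(blob, dll) if r[2] != "absolute"]
        if risky:
            findings[name] = risky
    return findings

# Constructed sample: an application, a shared framework module, a helper.
SAMPLE_MODULES = {
    "browser.exe": b"MZ\x90\x00\x00kernel32.dll\x00LoadLibraryW\x00",
    "framework_gui.dll": b"MZ\x00\x00" + "wintab32.dll".encode("utf-16-le") + b"\x00\x00",
    "tablet_helper.dll": b"\x00C:\\Windows\\System32\\wintab32.dll\x00",
}

if __name__ == "__main__":
    for module, refs in attribute(SAMPLE_MODULES, "wintab32.dll").items():
        for enc, text, kind in refs:
            print(f"{module}: {kind} reference {text!r} ({enc})")
```

A hit in a shared framework module rather than in the application executable points at every product that ships that module. A bare string is a lead for code review, since the load call and its flags decide the actual search order.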