CVE-2017-10904

Qt for Android prior to 5.9.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
References
Link Resource
https://blog.qt.io/blog/2017/11/22/security-advisory-qt-android/ Issue Tracking Vendor Advisory
https://jvn.jp/en/jp/JVN67389262/index.html Issue Tracking Third Party Advisory VDB Entry
https://blog.qt.io/blog/2017/11/22/security-advisory-qt-android/ Issue Tracking Vendor Advisory
https://jvn.jp/en/jp/JVN67389262/index.html Issue Tracking Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:qt:qt:*:*:*:*:*:android:*:*

History

21 Nov 2024, 03:06

Type Values Removed Values Added
References () https://blog.qt.io/blog/2017/11/22/security-advisory-qt-android/ - Issue Tracking, Vendor Advisory () https://blog.qt.io/blog/2017/11/22/security-advisory-qt-android/ - Issue Tracking, Vendor Advisory
References () https://jvn.jp/en/jp/JVN67389262/index.html - Issue Tracking, Third Party Advisory, VDB Entry () https://jvn.jp/en/jp/JVN67389262/index.html - Issue Tracking, Third Party Advisory, VDB Entry

Information

Published : 2017-12-16 02:29

Updated : 2024-11-21 03:06


NVD link : CVE-2017-10904

Mitre link : CVE-2017-10904

CVE.ORG link : CVE-2017-10904


JSON object : View

Products Affected

qt

  • qt
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')