all InfoSec news
VU#411271: Qt allows for privilege escalation due to hard-coding of qt_prfxpath value
April 28, 2022, 1:03 p.m. |
CERT Recently Published Vulnerability Notes kb.cert.org
Overview
Prior to version 5.14, Qt hard-codes the qt_prfxpath value to a fixed value, which may lead to privilege escalation vulnerabilities in Windows software that uses Qt.
Description
Prior to version 5.14, Qt hard-codes the qt_prfxpath value to a value that reflects the path where Qt exists on the system that was used to build Qt. For example, it may refer to a specific subdirectory within C:\Qt\, which is the default installation location for Qt on Windows. If software that …
More from kb.cert.org / CERT Recently Published Vulnerability Notes
VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks
2 weeks, 1 day ago |
kb.cert.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Deputy Chief Information Security Officer
@ City of Philadelphia | Philadelphia, PA, United States
Global Cybersecurity Expert
@ CMA CGM | Mumbai, IN
Senior Security Operations Engineer
@ EarnIn | Mexico
Cyber Technologist (Sales Engineer)
@ Darktrace | London