CVE-2013-0254

low

Published 2013-02-06 · Modified 2026-04-29

CVSS v3

—

CVSS v2

3.6

VIR risk

3.6

Description

The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — http://lists.qt-project.org/pipermail/announce/2013-February/000023.html

Application impact

Vendor	Product	Versions
qt	qt	`1.41`
qt	qt	`1.42`
qt	qt	`1.43`
qt	qt	`1.44`
qt	qt	`1.45`
qt	qt	`2.0.0`
qt	qt	`2.0.1`
qt	qt	`2.0.2`
qt	qt	`3.3.0`
qt	qt	`3.3.1`
qt	qt	`3.3.2`
qt	qt	`3.3.3`
qt	qt	`3.3.4`
qt	qt	`3.3.5`
qt	qt	`3.3.6`
qt	qt	`4.0.0`
qt	qt	`4.0.1`
qt	qt	`4.1.0`
qt	qt	`4.1.1`
qt	qt	`4.1.2`
qt	qt	`4.1.3`
qt	qt	`4.1.4`
qt	qt	`4.1.5`
qt	qt	`4.2.0`
qt	qt	`4.2.1`
qt	qt	`4.2.3`
qt	qt	`4.3.0`
qt	qt	`4.3.1`
qt	qt	`4.3.2`
qt	qt	`4.3.3`
qt	qt	`4.3.4`
qt	qt	`4.3.5`
qt	qt	`4.4.0`
qt	qt	`4.4.1`
qt	qt	`4.4.2`
qt	qt	`4.4.3`
qt	qt	`4.5.0`
qt	qt	`4.5.1`
qt	qt	`4.5.2`
qt	qt	`4.5.3`
qt	qt	`4.6.0`
qt	qt	`4.6.1`
qt	qt	`4.6.2`
qt	qt	`4.6.3`
qt	qt	`4.6.4`
qt	qt	`4.6.5`
qt	qt	`4.7.0`
qt	qt	`4.7.1`
qt	qt	`4.7.2`
qt	qt	`4.7.3`
qt	qt	`4.7.4`
qt	qt	`4.7.5`
qt	qt	`4.7.6`
qt	qt	`4.8.0`
qt	qt	`4.8.1`
qt	qt	`4.8.2`
qt	qt	`4.8.3`
qt	qt	`4.8.4`
qt	qt	`4.8.5`
qt	qt	`5.0.0`
qt	qt	`5.0.1`

References

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.