{"api_version":"1","generated_at":"2026-05-04T05:52:21+00:00","cve":"CVE-2012-5624","urls":{"html":"https://cve.report/CVE-2012-5624","api":"https://cve.report/api/cve/CVE-2012-5624.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2012-5624","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2012-5624"},"summary":{"title":"CVE-2012-5624","description":"The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.","state":"PUBLISHED","assigner":"redhat","published_at":"2013-02-24 19:55:00","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-200","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://qt.gitorious.org/qt/qt/commit/96311def2466dd44de64d77a1c815b22fbf68f71","name":"http://qt.gitorious.org/qt/qt/commit/96311def2466dd44de64d77a1c815b22fbf68f71","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Commit in qt in Qt - Qt by Digia","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html","name":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"openSUSE-SU-2013:0157-1: moderate: libqt4: security fixes for XMLHttpReq","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00045.html","name":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00045.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"openSUSE-SU-2013:0154-1: moderate: libqt4: fixed XMLHttpRequest redirect","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.qt-project.org/pipermail/announce/2012-November/000014.html","name":"http://lists.qt-project.org/pipermail/announce/2012-November/000014.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[Announce] Qt Project Security Advisory: QML XmlHttpRequest\tInsecure Redirection","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2012/12/04/8","name":"http://www.openwall.com/lists/oss-security/2012/12/04/8","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"oss-security - Re: CVE Request -- Qt (x < 4.8.4): QML XmlHttpRequest\n insecure redirection","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://codereview.qt-project.org/#change%2C40034","name":"https://codereview.qt-project.org/#change%2C40034","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Gerrit Code Review","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/52217","name":"http://secunia.com/advisories/52217","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Security Advisory SA52217 - Ubuntu update for Qt - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html","name":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"openSUSE-SU-2013:0143-1: moderate: libqt4: security fixes for XMLHttpReq","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntu.com/usn/USN-1723-1","name":"http://www.ubuntu.com/usn/USN-1723-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"USN-1723-1: Qt vulnerabilities | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=883415","name":"https://bugzilla.redhat.com/show_bug.cgi?id=883415","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Bug 883415 – CVE-2012-5624 Qt: QML XmlHttpRequest insecure redirection","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://codereview.qt-project.org/#change,40034","name":"CONFIRM:https://codereview.qt-project.org/#change,40034","refsource":"MITRE","tags":[],"title":"Gerrit Code Review","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2012-5624","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5624","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"10.04","cpe7":"-","cpe8":"lts","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"11.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"12.04","cpe7":"-","cpe8":"lts","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"12.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"4.8.3","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"digia","cpe5":"qt","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"1.41","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"1.42","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"1.43","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"1.44","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"1.45","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"2.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"2.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"2.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"3.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"3.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"3.3.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"3.3.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"3.3.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"3.3.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"3.3.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.1.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.1.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.3.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.3.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.3.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.3.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.4.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.4.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.5.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.5.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.5.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.6.0","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.6.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.6.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.6.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.6.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.6.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.6.5","cpe7":"rc","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.7.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.7.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.7.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.7.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.7.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.7.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.7.6","cpe7":"rc","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.8.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"5624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qt","cpe5":"qt","cpe6":"4.8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T21:14:16.054Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"openSUSE-SU-2013:0157","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html"},{"name":"USN-1723-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-1723-1"},{"name":"52217","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/52217"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://qt.gitorious.org/qt/qt/commit/96311def2466dd44de64d77a1c815b22fbf68f71"},{"name":"[oss-security] 20121204 Re: CVE Request -- Qt (x < 4.8.4): QML XmlHttpRequest insecure redirection","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2012/12/04/8"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://codereview.qt-project.org/#change%2C40034"},{"name":"[Announce] 20121130 Qt Project Security Advisory: QML XmlHttpRequest Insecure Redirection","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lists.qt-project.org/pipermail/announce/2012-November/000014.html"},{"name":"openSUSE-SU-2013:0154","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00045.html"},{"name":"openSUSE-SU-2013:0143","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=883415"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2013-02-24T19:00:00.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"openSUSE-SU-2013:0157","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html"},{"name":"USN-1723-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-1723-1"},{"name":"52217","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/52217"},{"tags":["x_refsource_CONFIRM"],"url":"http://qt.gitorious.org/qt/qt/commit/96311def2466dd44de64d77a1c815b22fbf68f71"},{"name":"[oss-security] 20121204 Re: CVE Request -- Qt (x < 4.8.4): QML XmlHttpRequest insecure redirection","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2012/12/04/8"},{"tags":["x_refsource_CONFIRM"],"url":"https://codereview.qt-project.org/#change%2C40034"},{"name":"[Announce] 20121130 Qt Project Security Advisory: QML XmlHttpRequest Insecure Redirection","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lists.qt-project.org/pipermail/announce/2012-November/000014.html"},{"name":"openSUSE-SU-2013:0154","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00045.html"},{"name":"openSUSE-SU-2013:0143","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html"},{"tags":["x_refsource_MISC"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=883415"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secalert@redhat.com","ID":"CVE-2012-5624","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"openSUSE-SU-2013:0157","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html"},{"name":"USN-1723-1","refsource":"UBUNTU","url":"http://www.ubuntu.com/usn/USN-1723-1"},{"name":"52217","refsource":"SECUNIA","url":"http://secunia.com/advisories/52217"},{"name":"http://qt.gitorious.org/qt/qt/commit/96311def2466dd44de64d77a1c815b22fbf68f71","refsource":"CONFIRM","url":"http://qt.gitorious.org/qt/qt/commit/96311def2466dd44de64d77a1c815b22fbf68f71"},{"name":"[oss-security] 20121204 Re: CVE Request -- Qt (x < 4.8.4): QML XmlHttpRequest insecure redirection","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2012/12/04/8"},{"name":"https://codereview.qt-project.org/#change,40034","refsource":"CONFIRM","url":"https://codereview.qt-project.org/#change,40034"},{"name":"[Announce] 20121130 Qt Project Security Advisory: QML XmlHttpRequest Insecure Redirection","refsource":"MLIST","url":"http://lists.qt-project.org/pipermail/announce/2012-November/000014.html"},{"name":"openSUSE-SU-2013:0154","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00045.html"},{"name":"openSUSE-SU-2013:0143","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html"},{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=883415","refsource":"MISC","url":"https://bugzilla.redhat.com/show_bug.cgi?id=883415"}]}}}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2012-5624","datePublished":"2013-02-24T19:00:00.000Z","dateReserved":"2012-10-24T00:00:00.000Z","dateUpdated":"2024-09-16T18:45:23.183Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2013-02-24 19:55:00","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-200","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:digia:qt:*:*:*:*:*:*:*:*","versionEndIncluding":"4.8.3","matchCriteriaId":"7F547829-91BE-4BF6-A19E-E592BC15FD8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:1.41:*:*:*:*:*:*:*","matchCriteriaId":"57FBB4FA-43C6-432F-94FD-BAADF4DD7CB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:1.42:*:*:*:*:*:*:*","matchCriteriaId":"30245B99-C5CB-4FDA-B70F-2CB7FA7BDF43"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:1.43:*:*:*:*:*:*:*","matchCriteriaId":"EA9FC7F3-02BD-485A-AA1B-C5067F384683"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:1.44:*:*:*:*:*:*:*","matchCriteriaId":"DBA3424C-8257-445D-A9DC-1CD562651DFE"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:1.45:*:*:*:*:*:*:*","matchCriteriaId":"D954A35A-9BB8-4415-910D-C4AAEA2F5664"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"67C5548D-2A34-4AAE-A43F-373D4C7F5B4B"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"90E4F51F-52B4-4AB9-926C-EEDAC2052E34"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"2D6D3319-130D-49BF-8395-90E9F4D8583C"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:3.3.0:*:*:*:*:*:*:*","matchCriteriaId":"52D26BBF-106F-48C8-9D57-CF080486DB64"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:3.3.1:*:*:*:*:*:*:*","matchCriteriaId":"026716CE-6BA5-4FC4-8BD3-BF5430DEBE99"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:3.3.2:*:*:*:*:*:*:*","matchCriteriaId":"52BF63BD-E6FA-49AA-9627-7EDAD7939531"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:3.3.3:*:*:*:*:*:*:*","matchCriteriaId":"27EBEAE0-C1DF-46E4-9E2A-B333912A4950"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:3.3.4:*:*:*:*:*:*:*","matchCriteriaId":"5BCDBB15-4E26-48F0-A266-CA059CFEE596"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:3.3.5:*:*:*:*:*:*:*","matchCriteriaId":"A07F27DC-47A4-4EF2-91CC-81863D015B3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:3.3.6:*:*:*:*:*:*:*","matchCriteriaId":"58E53D3A-665D-4EEE-82EF-4EDBD194B475"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C966DAAB-74E1-4594-9CE7-5A1A60F5061E"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.0.1:*:*:*:*:*:*:*","matchCriteriaId":"D51BFA7D-281E-49ED-9A4B-60AD5143C4EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.1.0:*:*:*:*:*:*:*","matchCriteriaId":"5A38B91E-698F-4638-BC3B-BD02F3313B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.1.1:*:*:*:*:*:*:*","matchCriteriaId":"7629BAB0-5077-4B82-9F11-B228E8EAFA17"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.1.2:*:*:*:*:*:*:*","matchCriteriaId":"76366D45-3604-49D1-BD97-8A9FACEA2171"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"EEEF60A1-5FF0-465F-A872-62F80899F870"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.1.4:*:*:*:*:*:*:*","matchCriteriaId":"4D5386EE-376B-4773-8687-5314BFF35E41"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.1.5:*:*:*:*:*:*:*","matchCriteriaId":"4ACE447E-BFBC-4059-9786-F8E5F512AEAA"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"E3AC6465-B459-410E-A5C5-EBFF5C866009"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.2.1:*:*:*:*:*:*:*","matchCriteriaId":"EF48233D-EFFE-40A1-B50A-F2184D9CF325"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.2.3:*:*:*:*:*:*:*","matchCriteriaId":"610017B4-3C0A-4A59-82A1-4E20BCF786E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.3.0:*:*:*:*:*:*:*","matchCriteriaId":"D848BD49-3C88-4458-B8AB-AAD8DEB790BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.3.1:*:*:*:*:*:*:*","matchCriteriaId":"0A12D978-B6FF-4C67-97D4-91A285C47813"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.3.2:*:*:*:*:*:*:*","matchCriteriaId":"7DBD073E-F3E0-4273-81E9-AF010B711F08"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.3.3:*:*:*:*:*:*:*","matchCriteriaId":"0D58ACBA-7DF3-403A-AC0E-94749383C750"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.3.4:*:*:*:*:*:*:*","matchCriteriaId":"59D6E752-3B2E-4A95-A76A-3326CD490EDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.3.5:*:*:*:*:*:*:*","matchCriteriaId":"7A27E4EC-9573-4C82-9B78-244DB0B06FA4"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.4.0:*:*:*:*:*:*:*","matchCriteriaId":"678A25E8-57E3-4E0C-9B24-C68F11F108BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.4.1:*:*:*:*:*:*:*","matchCriteriaId":"D16BB8CE-3871-4DFA-84BB-C089894437D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.4.2:*:*:*:*:*:*:*","matchCriteriaId":"965B37FD-E22F-4AA7-BDC2-147A9962CFD5"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.4.3:*:*:*:*:*:*:*","matchCriteriaId":"FEE12FD7-2FB2-444A-A660-86294646F8A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.5.0:*:*:*:*:*:*:*","matchCriteriaId":"EA4B9F55-4BFF-4FD3-A8BC-842B0467DCD5"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.5.1:*:*:*:*:*:*:*","matchCriteriaId":"9DA805A7-7C62-49FD-B9A2-F81C981691C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.5.2:*:*:*:*:*:*:*","matchCriteriaId":"D5596442-5608-439B-8BE6-53A70F20C079"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.5.3:*:*:*:*:*:*:*","matchCriteriaId":"29FD745E-4B61-417F-BC66-386877E75351"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.6.0:*:*:*:*:*:*:*","matchCriteriaId":"2B74E5F5-CEE1-47B1-BE84-7F1C45D4FDD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.6.0:rc1:*:*:*:*:*:*","matchCriteriaId":"82A767D8-6194-4ED5-B9BE-2A14541C141F"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.6.1:*:*:*:*:*:*:*","matchCriteriaId":"874E217C-98AC-4F0B-B120-D721164912CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.6.2:*:*:*:*:*:*:*","matchCriteriaId":"3051F46B-E301-4DF7-A89B-4E8495617888"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.6.3:*:*:*:*:*:*:*","matchCriteriaId":"0C8BED3D-E6E9-4A7F-A186-DD7DC20706D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.6.4:*:*:*:*:*:*:*","matchCriteriaId":"1C5CFCD4-6CB1-489D-9619-B0169EA1719C"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.6.5:*:*:*:*:*:*:*","matchCriteriaId":"510C5795-4E61-470F-BE62-A6732F4F0341"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.6.5:rc:*:*:*:*:*:*","matchCriteriaId":"88365332-FA7E-42A6-BC52-4517EAAC90B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.7.0:*:*:*:*:*:*:*","matchCriteriaId":"5C2D2DA2-4D77-4396-97A7-D4ED0F633E19"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.7.1:*:*:*:*:*:*:*","matchCriteriaId":"1BC1BC2C-6D99-463F-9326-AF9B468E03F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.7.2:*:*:*:*:*:*:*","matchCriteriaId":"342A67CF-B332-46D1-A3FF-604552953C66"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.7.3:*:*:*:*:*:*:*","matchCriteriaId":"9239A893-506A-4853-8B00-FCDE5EC3E5DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.7.4:*:*:*:*:*:*:*","matchCriteriaId":"1A6196C5-BB95-447A-B610-4765AB702F96"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.7.5:*:*:*:*:*:*:*","matchCriteriaId":"3E398049-C78A-452C-9FBF-E32DC86BDBD0"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.7.6:*:*:*:*:*:*:*","matchCriteriaId":"8A505785-5597-4F5D-99A3-D143C1CCBFBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.7.6:rc:*:*:*:*:*:*","matchCriteriaId":"6E5EF3D1-6BD5-4488-A18C-79E26E87CFA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.8.0:*:*:*:*:*:*:*","matchCriteriaId":"B307395A-36B6-4F54-92C9-D732580F3EBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.8.1:*:*:*:*:*:*:*","matchCriteriaId":"F9D0CB6E-5275-4D51-81F1-84D456F936B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:qt:qt:4.8.2:*:*:*:*:*:*:*","matchCriteriaId":"214A1125-FBE9-433D-8B05-10595CD59F24"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*","matchCriteriaId":"7118F616-25CA-4E34-AA13-4D14BB62419F"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*","matchCriteriaId":"E4174F4F-149E-41A6-BBCC-D01114C05F38"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*","matchCriteriaId":"F5D324C4-97C7-49D3-A809-9EAD4B690C69"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*","matchCriteriaId":"E2076871-2E80-4605-A470-A41C1A8EC7EE"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2012","CveId":"5624","Ordinal":"1","Title":"CVE-2012-5624","CVE":"CVE-2012-5624","Year":"2012"},"notes":[{"CveYear":"2012","CveId":"5624","Ordinal":"1","NoteData":"The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.","Type":"Description","Title":"CVE-2012-5624"},{"CveYear":"2012","CveId":"5624","Ordinal":"2","NoteData":"2013-02-24","Type":"Other","Title":"Published"}]}}}