CVE-2017-15011

Published Oct 4, 2017

Last updated 22 days ago

CVSS high 7.5

Overview

Description: The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and SugarSync, are configured for remote access and allow remote attackers to cause a denial of service (application crash) via an unspecified string.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:qt:qt:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03C7E11D-AA2C-48BB-8C50-B04E5CD3A7C5"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E30B4386-B419-46B7-945F-C04F79600708"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E42429B-0123-428E-AD62-23000CDF7343"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EE36CAC-6DB0-4061-AC83-AF12A30F2EFD"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2980C52-9843-4A39-B164-76E9583F2D7E"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AE4473E-33BB-4953-9FC5-B3EE503A19E3"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA1E6864-005E-4843-8D76-AF7D687CF991"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCC41EE4-29DE-4F86-AEA5-179F6AC9F24B"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F663AA25-2910-4D31-AD72-8BC8F76E9AE0"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7DD2FCA0-F628-4164-8D32-8191A3004AFD"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7AA598B-B954-4389-AEC4-6B8E7762D507"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5F566F5-FB40-4F63-BF93-C9253A828B13"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD5483AF-66FC-411D-A529-16C5CC8BD8A5"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C6827E6-7B15-423D-89C2-46B5E2D35961"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.11.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58551C4F-EDA2-4AA3-9C5D-6FDF88C5746F"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.11.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5CCC1DB-3BA9-48CB-ADEE-F1C74C88CC08"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.11.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9024B9F9-90B8-494F-950E-955E62A3C872"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.12.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B54B9182-F8A0-45AA-99A8-A7424A7C34E1"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.12.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B63018D9-848B-4901-9DC9-CE6BBF0C2CDC"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.12.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DE2DA92-F05B-426C-8CE7-6DCC6AF6461D"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.12.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E4018AD-55DB-4C13-A26B-ED1564E4C501"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.12.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EC8E8B7-299B-4E76-9DC7-8482BA357B5E"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.13.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD5AC67C-2634-49DB-9F97-C27498047C1A"
          },
          {
            "criteria": "cpe:2.3:a:qt:qt:5.14.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8F2A2AC-F3DE-49E3-B0AF-3953ABD1C269"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References