CVE-2022-40983

HIGH Year: 2022
CVSS v3 Score
8.8
High
Weakness Type
CWE-190
View all →

Vulnerability Description

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this vulnerability.

Related Vulnerabilities

CVE-2010-0129

HIGH
CVSS:8.8(High)

Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir (ak...

CWE-1902010

CVE-2010-0130

HIGH
CVSS:8.8(High)

Integer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via a crafted .dir (aka Director) file.

CWE-1902010

CVE-2010-2753

HIGH
CVSS:8.8(High)

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arb...

CWE-1902010

CVE-2011-3631

HIGH
CVSS:8.8(High)

Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to b...

CWE-1902011

CVE-2012-5054

HIGH
CVSS:8.8(High)

Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.

CWE-1902012

CVE-2014-4607

HIGH
CVSS:8.8(High)

Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.

CWE-1902014