QtWeb Browser version 3.3 build 043: Insecure DLL Hijacking Vulnerability (wintab32.dll)

Users of QtWeb Browser version 3.3 build 043 please be advised of a Insecure DLL Hijacking Vulnerability (wintab32.dll) that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com

QtWeb Browser-SA-08/28/2010: QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)

VULNERABILITY DESCRIPTION The QtWeb Browser application passes an insufficiently qualified path in loading an external library, "wintab32.dll" when a user opens its associated file with extensions - htm, html, mhtml. Read more at www.criticalwatch.com

 

See this Amp at http://bit.ly/d9vnxF