CVE-2010-3374 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3374): Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. Please punt vulnerable versions.
vulnerable versions gone
GLSA request filed.
Thanks all. Affected versions not in tree anymore. Remove qt from cc.
This issue was resolved and addressed in GLSA 201412-09 at http://security.gentoo.org/glsa/glsa-201412-09.xml by GLSA coordinator Sean Amoss (ackle).