CVE-2010-2621 – Qt 4.6.3 - 'QSslSocketBackendPrivate::transmit()' Denial of Service
https://notcve.org/view.php?id=CVE-2010-2621
The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request. La función QSslSocketBackendPrivate::transmit en src_network_ssl_qsslsocket_openssl.cpp en Qt v4.6.3 y anteriores permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de una solicitud mal formada. • https://www.exploit-db.com/exploits/14268 http://aluigi.org/adv/qtsslame-adv.txt http://aluigi.org/poc/qtsslame.zip http://osvdb.org/65860 http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597 http://secunia.com/advisories/40389 http://secunia.com/advisories/46410 http://www.securityfocus.com/bid/41250 http://www.vupen.com/english/advisories/2010/1657 https://hermes.opensuse.org/messages/12056605 • CWE-20: Improper Input Validation •
CVE-2009-2700
https://notcve.org/view.php?id=CVE-2009-2700
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. src/network/ssl/qsslcertificate.cpp en Nokia Trolltech Qt v4.x no gestiona adecuadamente el carácter '\0'en un nombre de dominio en el campo Subject Alternative Name field de un certificado X.509, lo cual permite a atacantes hombre-en-el-medio (man-in-the-middle) suplantar servidores SSL a su elección a través de certificados manipulados expedidos por una Autoridad de Certificación legítima, una cuestión relacionada con CVE-2009-2408. • http://qt.gitorious.org/qt/qt/commit/802d8c02eaa0aa9cd8d0c6cbd18cd814e6337bc6 http://secunia.com/advisories/36536 http://secunia.com/advisories/36702 http://www.mandriva.com/security/advisories?name=MDVSA-2009:225 http://www.securityfocus.com/bid/36203 http://www.ubuntu.com/usn/usn-829-1 http://www.vupen.com/english/advisories/2009/2499 • CWE-20: Improper Input Validation •
CVE-2007-0242 – QT UTF8 improper character expansion
https://notcve.org/view.php?id=CVE-2007-0242
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters. El decodificador de UTF-8 en el codecs/qutfcodec.cpp del Qt 3.3.8 y 4.2.3 no rechaza secuencias largas de UTF-8 como lo solicitado por el estándar, lo que permite a atacantes remotos llevar a cabo ataques de secuencias de comandos en sitios cruzados (XSS) y de escalado de directorios mediante secuencias largas que decodifican metacaracteres peligrosos. • ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc http://fedoranews.org/updates/FEDORA-2007-703.shtml http://rhn.redhat.com/errata/RHSA-2011-1324.html http://secunia.com/advisories/24699 http://secunia.com/advisories/24705 http://secunia.com/advisories/24726 http://secunia.com/advisories/24727 http://secunia.com/advisories/24759 http://secunia.com/advisories/24797 http://secunia.com/advisories/24847 http://secunia.com/advisories/24889 http://secuni •
CVE-2006-4811
https://notcve.org/view.php?id=CVE-2006-4811
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image. El desbordamiento de enteros en el Qt 3.3 versiones anteriores a 3.3.7, 4.1 anteriores a 4.1.5, y 4.2 anteriores a 4.2.1, como el usado en la librería KDE khtml, kdelibs 3.1.3, y, posiblemente otros paquetes, permite a los atacantes remotos causar la denegación de servicio (caída) y la posibilidad de ejecutar código de su elección mediante una imagen pixmap manipulada. • ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742 http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html http://secunia.com/advisories/22380 http://secunia.com/advisories/22397 http://secunia.com/advisories/22479 http://secunia.com/advisories/22485 http://secunia.com/advisories/22492 http://secunia.com/advisories/2 • CWE-189: Numeric Errors •
CVE-2003-0076
https://notcve.org/view.php?id=CVE-2003-0076
Unknown vulnerability in the directory parser for Direct Connect 4 Linux (dcgui) before 0.2.2 allows remote attackers to read files outside the sharelist. Vulnerabilidad desconocida en el procesador de directorios de Direct Connect 4 Linux (dcgui) anteriores a 0.2.2 permite a atacantes remotos leer ficheros fuera de la lista compartida. • http://dc.ketelhot.de/pipermail/dc/2003-January/000094.html http://marc.info/?l=bugtraq&m=104437720116243&w=2 http://www.iss.net/security_center/static/11246.php •