CVE-2013-4549
https://notcve.org/view.php?id=CVE-2013-4549
QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack. QXmlSimpleReader en Qt anterior a v5.2 permite a los atacantes dependientes del contexto provocar una denegación de servicio (consumo de memoria) mediante un ataque XML Entity Expansion (XEE). • http://blog.qt.digia.com/blog/2014/04/24/qt-4-8-6-released http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00044.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00047.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00085.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00104.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00106.html http://lists.qt-proje • CWE-20: Improper Input Validation •
CVE-2012-6093
https://notcve.org/view.php?id=CVE-2012-6093
The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which causes Qt to report an incorrect error when certificate validation fails and might cause users to make unsafe security decisions to accept a certificate. La función QSslSocket::sslErrors en Qt anterior a v4.6.5, v4.7.x anterior a v4.7.6, v4.8.x anterior a v4.8.5, cuando se usan ciertas versiones de openSSL, usa un diseño de estructura incompatible que puede leer memoria desde una dirección erronea, lo que produce que Qt reporte un error incorrecto cuando el certificado de validación falle y puede causar a los usuarios que hagan decisiones de seguridad inseguras para aceptar certificados. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697582 http://lists.opensuse.org/opensuse-updates/2013-01/msg00086.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00089.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00014.html http://lists.qt-project.org/pipermail/announce/2013-January/000020.html http://qt.gitorious.org/qt/qt/commit/3b14dc93cf0ef06f1424d7d6319a1af4505faa53%20%284.7%29 http://qt.gitorious.org/qt/qt/commit/691e78e5061d4cbc0de212d23b06c5dffddf2098%20%284.8%29 http • CWE-310: Cryptographic Issues •
CVE-2013-0254 – qt: QSharedMemory class created shared memory segments with insecure permissions
https://notcve.org/view.php?id=CVE-2013-0254
The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server. La clase QSharedMemory en Qt v5.0.0, v4.8.x anterior a v4.8.5, v4.7.x anterior a v4.7.6, y otras versiones incluida la v4.4.0 utiliza permisos débiles (escritura y lectura para todos los usuarios) para segmentos de memoria compartida, lo que permite a usuarios locales leer informacion sensible o modificar datos críticos del programa, como se demostró mediante la lectura de un pixmap enviado al servidor X. • http://lists.opensuse.org/opensuse-updates/2013-03/msg00014.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00015.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00019.html http://lists.qt-project.org/pipermail/announce/2013-February/000023.html http://rhn.redhat.com/errata/RHSA-2013-0669.html https://bugzilla.redhat.com/show_bug.cgi?id=907425 https://access.redhat.com/security/cve/CVE-2013-0254 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-2700
https://notcve.org/view.php?id=CVE-2009-2700
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. src/network/ssl/qsslcertificate.cpp en Nokia Trolltech Qt v4.x no gestiona adecuadamente el carácter '\0'en un nombre de dominio en el campo Subject Alternative Name field de un certificado X.509, lo cual permite a atacantes hombre-en-el-medio (man-in-the-middle) suplantar servidores SSL a su elección a través de certificados manipulados expedidos por una Autoridad de Certificación legítima, una cuestión relacionada con CVE-2009-2408. • http://qt.gitorious.org/qt/qt/commit/802d8c02eaa0aa9cd8d0c6cbd18cd814e6337bc6 http://secunia.com/advisories/36536 http://secunia.com/advisories/36702 http://www.mandriva.com/security/advisories?name=MDVSA-2009:225 http://www.securityfocus.com/bid/36203 http://www.ubuntu.com/usn/usn-829-1 http://www.vupen.com/english/advisories/2009/2499 • CWE-20: Improper Input Validation •