Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-2621

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2010-2621
Last Modified 07 Feb 2013 12:00:00
Published 02 Jul 2010 04:30:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2010-2621

Summary

The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.

Vulnerable Systems

Application

  • Digia Qt 4.0.0

  • Digia Qt 4.0.1

  • Digia Qt 4.1.0

  • Digia Qt 4.1.1

  • Digia Qt 4.1.2

  • Digia Qt 4.1.3

  • Digia Qt 4.1.4

  • Digia Qt 4.1.5

  • Digia Qt 4.2.0

  • Digia Qt 4.2.1

  • Digia Qt 4.2.3

  • Digia Qt 4.3.0

  • Digia Qt 4.3.1

  • Digia Qt 4.3.2

  • Digia Qt 4.3.3

  • Digia Qt 4.3.4

  • Digia Qt 4.3.5

  • Digia Qt 4.4.0

  • Digia Qt 4.4.1

  • Digia Qt 4.4.2

  • Digia Qt 4.4.3

  • Digia Qt 4.5.0

  • Digia Qt 4.5.1

  • Digia Qt 4.5.2

  • Digia Qt 4.5.3

  • Digia Qt 4.6.0

  • Digia Qt 4.6.1

  • Digia Qt 4.6.2

  • Digia Qt 4.6.3

  • Nokia Qt 1.41

  • Nokia Qt 1.42

  • Nokia Qt 1.43

  • Nokia Qt 1.44

  • Nokia Qt 1.45

  • Nokia Qt 2.0.1

  • Nokia Qt 2.0.2

  • Nokia Qt 2.00

  • Nokia Qt 4

  • Nokia Qt 4.0.1

  • Nokia Qt 4.1

  • Nokia Qt 4.1.4

  • Nokia Qt 4.1.5

  • Nokia Qt 4.2

  • Nokia Qt 4.2.1

  • Nokia Qt 4.2.3

  • Nokia Qt 4.3.0

  • Nokia Qt 4.3.1

  • Nokia Qt 4.3.2

  • Nokia Qt 4.3.3

  • Nokia Qt 4.3.4

  • Nokia Qt 4.3.5

  • Nokia Qt 4.4.0

  • Nokia Qt 4.4.1

  • Nokia Qt 4.4.2

  • Nokia Qt 4.4.3

  • Nokia Qt 4.5

  • Nokia Qt 4.5.0

  • Nokia Qt 4.5.1

  • Nokia Qt 4.5.2

  • Nokia Qt 4.5.3

  • Nokia Qt 4.6.3


References

VUPEN - ADV-2010-1657

BID - 41250

SECUNIA - 40389

OSVDB - 65860

MISC - http://aluigi.org/poc/qtsslame.zip

MISC - http://aluigi.altervista.org/adv/qtsslame-adv.txt

SUSE - SUSE-SU-2011:1113

SECUNIA - 46410

CONFIRM - http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597

MISC - http://aluigi.org/adv/qtsslame-adv.txt

Related Patches

Novell SUSE 2011:5131 libQtWebKit-devel security update for SLE 11 SP1 i586


Last Updated: 27 May 2016 10:58:32