RSS   Vulnerabilities for 'QT'   RSS

2012-06-29
 
CVE-2010-5076

 

 
QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

 
2012-06-15
 
CVE-2011-3193

 

 
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.

 
2010-07-02
 
CVE-2010-2621

 

 
The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.

 
2009-09-02
 
CVE-2009-2700

 

 
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

 
2006-10-18
 
CVE-2006-4811

CWE-189
 

 
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.

 

 >>> Vendor: Nokia 35 Products
Ip440 firewall vpn appliance
Firewall appliance
6210 handset
Sgsn dx200
GGSN
Electronic documentation
IPSO
6310i
Series
Affix
9500
3210
7610
N70
Symbian
QT
Groupwise mobile server
Intellisync mobile suite
Intellisync wireless email express
N95
Series 40
6131 nfc
Symbian s60 browser
Nokia pc suite
N810 internet tablet
N82
Qtdemobrowser
Qt creator
Multimedia player
E75 firmware
E75
Pc suite
@vantage commander
I-240w-q gpon ont firmware
8810 4g firmware


Copyright 2019, cxsecurity.com

 

Back to Top