Published: 29/06/2012 Updated: 16/06/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

QSslSocket in Qt prior to 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

Vulnerable Product	Search on Vulmon	Subscribe to Product
digia qt
qt qt 4.6.3
qt qt 4.6.2
qt qt 4.3.1
qt qt 4.3.0
qt qt 4.3.4
qt qt 4.3.5
qt qt 4.6.0
qt qt 4.5.2
qt qt 4.4.3
qt qt 4.3.2
qt qt 4.2.3
qt qt 4.2.0
qt qt 4.0.1
qt qt 4.5.0
qt qt 4.5.1
qt qt 4.4.0
qt qt 4.4.1
qt qt 4.1.0
qt qt 4.1.4
qt qt 4.1.3
qt qt 4.1.2
qt qt 4.6.1
qt qt 4.5.3
qt qt 4.4.2
qt qt 4.3.3
qt qt 4.2.1
qt qt 4.1.5
qt qt 4.1.1
qt qt 4.0.0

Synopsis Moderate: qt security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated qt packages that fix two security issues and three bugs are nowavailable for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common ...

Qt Applications could be made to crash or run programs as your login if they opened specially crafted files ...

CWE-20 http://secunia.com/advisories/49604 http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt http://qt.gitorious.org/qt/qt/commit/846f1b44eea4bb34d080d055badb40a4a13d369e http://secunia.com/advisories/41236 https://bugreports.qt-project.org/browse/QTBUG-4455 http://rhn.redhat.com/errata/RHSA-2012-0880.html http://qt.gitorious.org/qt/qt/commit/5f6018564668d368f75e431c4cdac88d7421cff0 http://www.ubuntu.com/usn/USN-1504-1 http://secunia.com/advisories/49895 https://access.redhat.com/errata/RHSA-2012:0880 https://usn.ubuntu.com/1504-1/https://nvd.nist.gov

CVE-2010-5076

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect