DATABASE RESOURCES PRICING ABOUT US

{"id": "FEDORA:86DDF10F898", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 11 Update: qt-4.5.2-3.fc11", "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "published": "2009-09-03T00:29:02", "modified": "2009-09-03T00:29:02", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": true}, "cvss3": {}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ANALQPSZTXMCMKY5P4NFMTGRAWSATFQU/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2009-1725", "CVE-2009-2700"], "immutableFields": [], "lastseen": "2020-12-21T08:17:49", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1725", "CVE-2009-2700"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1950-1:0C391", "DEBIAN:DSA-1988-1:4532E", "DEBIAN:DSA-1988-1:79FED"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-1725", "DEBIANCVE:CVE-2009-2700"]}, {"type": "fedora", "idList": ["FEDORA:3638D10F89F", "FEDORA:3DC7510F888", "FEDORA:449DA10F83E", "FEDORA:45C391112CE", "FEDORA:6696510F844", "FEDORA:7548628999", "FEDORA:78C0E10F895", "FEDORA:87F2E10F898", "FEDORA:92578111707", "FEDORA:9D37810F855", "FEDORA:9E03610F897", "FEDORA:AEA3210F89D", "FEDORA:BA9DC10F894", "FEDORA:C28DA10F8AB", "FEDORA:DE58C10F88F", "FEDORA:EBE7F10F89B"]}, {"type": "nessus", "idList": ["5094.PRM", "5160.PRM", "DEBIAN_DSA-1950.NASL", "DEBIAN_DSA-1988.NASL", "FEDORA_2009-8020.NASL", "FEDORA_2009-8039.NASL", "FEDORA_2009-8046.NASL", "FEDORA_2009-8049.NASL", "FEDORA_2009-8800.NASL", "FEDORA_2009-8802.NASL", "FEDORA_2009-9231.NASL", "FEDORA_2009-9232.NASL", "MACOSX_SAFARI4_0_2.NASL", "MANDRIVA_MDVSA-2009-225.NASL", "MANDRIVA_MDVSA-2009-346.NASL", "MANDRIVA_MDVSA-2010-027.NASL", "SAFARI_4_0_2.NASL", "SUSE_11_0_LIBQT4-091106.NASL", "SUSE_11_1_KDELIBS4-101103.NASL", "SUSE_11_1_LIBQT4-091106.NASL", "SUSE_11_2_LIBWEBKIT-110111.NASL", "SUSE_11_3_LIBWEBKIT-110104.NASL", "SUSE_11_KDELIBS3-101103.NASL", "SUSE_11_LIBQT4-091106.NASL", "SUSE_DBUS-1-QT-6644.NASL", "SUSE_DBUS-1-QT-6645.NASL", "SUSE_KDELIBS3-7217.NASL", "UBUNTU_USN-829-1.NASL", "UBUNTU_USN-836-1.NASL", "UBUNTU_USN-857-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231064470", "OPENVAS:136141256231064473", "OPENVAS:136141256231064474", "OPENVAS:136141256231064475", "OPENVAS:136141256231064716", "OPENVAS:136141256231064717", "OPENVAS:136141256231064811", "OPENVAS:136141256231064812", "OPENVAS:136141256231064836", "OPENVAS:136141256231064844", "OPENVAS:136141256231064845", "OPENVAS:136141256231066264", "OPENVAS:136141256231066267", "OPENVAS:136141256231066281", "OPENVAS:136141256231066284", "OPENVAS:136141256231066492", "OPENVAS:1361412562310800834", "OPENVAS:1361412562310830846", "OPENVAS:1361412562310861902", "OPENVAS:1361412562310861955", "OPENVAS:1361412562310861985", "OPENVAS:64470", "OPENVAS:64473", "OPENVAS:64474", "OPENVAS:64475", "OPENVAS:64716", "OPENVAS:64717", "OPENVAS:64811", "OPENVAS:64812", "OPENVAS:64836", "OPENVAS:64844", "OPENVAS:64845", "OPENVAS:64890", "OPENVAS:64983", "OPENVAS:66216", "OPENVAS:66264", "OPENVAS:66267", "OPENVAS:66281", "OPENVAS:66284", "OPENVAS:66492", "OPENVAS:800834", "OPENVAS:830846", "OPENVAS:861902", "OPENVAS:861955", "OPENVAS:861985"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22430", "SECURITYVULNS:VULN:10216"]}, {"type": "ubuntu", "idList": ["USN-829-1", "USN-836-1", "USN-857-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1725", "UB:CVE-2009-2700"]}], "rev": 4}, "score": {"value": 6.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2009-1725", "CVE-2009-2700"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1988-1:79FED"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-1725"]}, {"type": "fedora", "idList": ["FEDORA:9E03610F897"]}, {"type": "nessus", "idList": ["FEDORA_2009-9232.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:64845"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10216"]}, {"type": "ubuntu", "idList": ["USN-829-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1725"]}]}, "exploitation": null, "vulnersScore": 6.3}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "11", "arch": "any", "packageName": "qt", "packageVersion": "4.5.2", "packageFilename": "UNKNOWN", "operator": "lt"}]}

{"openvas": [{"lastseen": "2017-07-25T10:57:04", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-9231.", "cvss3": {}, "published": "2009-09-09T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-9231 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64811", "href": "http://plugins.openvas.org/nasl.php?oid=64811", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9231.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9231 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nsecurity fix for CVE-2009-2700\n\nChangeLog:\n\n* Mon Aug 31 2009 Than Ngo - 4.5.2-3\n- fix for CVE-2009-2700\n* Tue Aug 18 2009 Than Ngo - 4.5.2-2\n- security fix for CVE-2009-1725\n* Tue Aug 18 2009 Rex Dieter 4.5.2-1.2\n- kde-qt: 287-qmenu-respect-minwidth\n- kde-qt: 0288-more-x-keycodes (#475247)\n* Wed Aug 5 2009 Rex Dieter 4.5.2-1.1\n- use linker scripts for _debug targets (#510246)\n- apply upstream patch to fix issue in Copy and paste\n- optimize (icon-mostly) scriptlets\n- -x11: Requires(post,postun): /sbin/ldconfig\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9231\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-9231.\";\n\n\n\nif(description)\n{\n script_id(64811);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-09 02:15:49 +0200 (Wed, 09 Sep 2009)\");\n script_cve_id(\"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-9231 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=520435\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:29", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-9232.", "cvss3": {}, "published": "2009-09-09T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-9232 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064812", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064812", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9232.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9232 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nsecurity fix for CVE-2009-2700\n\nChangeLog:\n\n* Mon Aug 31 2009 Than Ngo - 4.5.2-3\n- fix for CVE-2009-2700\n* Tue Aug 18 2009 Than Ngo - 4.5.2-2\n- security fix for CVE-2009-1725\n* Tue Aug 18 2009 Rex Dieter 4.5.2-1.2\n- kde-qt: 287-qmenu-respect-minwidth\n- kde-qt: 0288-more-x-keycodes (#475247)\n* Wed Aug 5 2009 Rex Dieter 4.5.2-1.1\n- use linker scripts for _debug targets (#510246)\n- apply upstream patch to fix issue in Copy and paste\n- optimize (icon-mostly) scriptlets\n- -x11: Requires(post,postun): /sbin/ldconfig\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9232\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-9232.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64812\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-09 02:15:49 +0200 (Wed, 09 Sep 2009)\");\n script_cve_id(\"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-9232 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=520435\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:11", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-9231.", "cvss3": {}, "published": "2009-09-09T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-9231 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064811", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064811", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9231.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9231 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nsecurity fix for CVE-2009-2700\n\nChangeLog:\n\n* Mon Aug 31 2009 Than Ngo - 4.5.2-3\n- fix for CVE-2009-2700\n* Tue Aug 18 2009 Than Ngo - 4.5.2-2\n- security fix for CVE-2009-1725\n* Tue Aug 18 2009 Rex Dieter 4.5.2-1.2\n- kde-qt: 287-qmenu-respect-minwidth\n- kde-qt: 0288-more-x-keycodes (#475247)\n* Wed Aug 5 2009 Rex Dieter 4.5.2-1.1\n- use linker scripts for _debug targets (#510246)\n- apply upstream patch to fix issue in Copy and paste\n- optimize (icon-mostly) scriptlets\n- -x11: Requires(post,postun): /sbin/ldconfig\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9231\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-9231.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64811\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-09 02:15:49 +0200 (Wed, 09 Sep 2009)\");\n script_cve_id(\"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-9231 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=520435\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.2~3.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:29", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-9232.", "cvss3": {}, "published": "2009-09-09T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-9232 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64812", "href": "http://plugins.openvas.org/nasl.php?oid=64812", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9232.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9232 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nsecurity fix for CVE-2009-2700\n\nChangeLog:\n\n* Mon Aug 31 2009 Than Ngo - 4.5.2-3\n- fix for CVE-2009-2700\n* Tue Aug 18 2009 Than Ngo - 4.5.2-2\n- security fix for CVE-2009-1725\n* Tue Aug 18 2009 Rex Dieter 4.5.2-1.2\n- kde-qt: 287-qmenu-respect-minwidth\n- kde-qt: 0288-more-x-keycodes (#475247)\n* Wed Aug 5 2009 Rex Dieter 4.5.2-1.1\n- use linker scripts for _debug targets (#510246)\n- apply upstream patch to fix issue in Copy and paste\n- optimize (icon-mostly) scriptlets\n- -x11: Requires(post,postun): /sbin/ldconfig\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9232\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-9232.\";\n\n\n\nif(description)\n{\n script_id(64812);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-09 02:15:49 +0200 (Wed, 09 Sep 2009)\");\n script_cve_id(\"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-9232 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=520435\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.2~3.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:44", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11488.", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-11488 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66264", "href": "http://plugins.openvas.org/nasl.php?oid=66264", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11488.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11488 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nA security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)\nimplementation. Multiple security flaws (integer underflow, invalid pointer\ndereference, buffer underflow and a denial of service) were found in the way\nWebKit's FTP parser used to process remote FTP directory listings.\nChangeLog:\n\n* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9\n- CVE-2009-3384 - WebKit, ftp listing handling (#525788)\n- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)\n* Sun Nov 8 2009 Rex Dieter - 4.5.3-8\n- -x11: Requires: %{name}-sqlite(ppc-32)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11488\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11488.\";\n\n\n\nif(description)\n{\n script_id(66264);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3384\", \"CVE-2009-2816\", \"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-11488 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525788\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525789\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sqlite\", rpm:\"qt-sqlite~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:08", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11491.", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-11491 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66267", "href": "http://plugins.openvas.org/nasl.php?oid=66267", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11491.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11491 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nA security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)\nimplementation. Multiple security flaws (integer underflow, invalid pointer\ndereference, buffer underflow and a denial of service) were found in the way\nWebKit's FTP parser used to process remote FTP directory listings.\nChangeLog:\n\n* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9\n- CVE-2009-3384 - WebKit, ftp listing handling (#525788)\n- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)\n* Sun Nov 8 2009 Rex Dieter - 4.5.3-8\n- -x11: Requires: %{name}-sqlite(ppc-32)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11491\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11491.\";\n\n\n\nif(description)\n{\n script_id(66267);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3384\", \"CVE-2009-2816\", \"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-11491 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525788\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525789\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sqlite\", rpm:\"qt-sqlite~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:24", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11491.", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-11491 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066267", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066267", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11491.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11491 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nA security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)\nimplementation. Multiple security flaws (integer underflow, invalid pointer\ndereference, buffer underflow and a denial of service) were found in the way\nWebKit's FTP parser used to process remote FTP directory listings.\nChangeLog:\n\n* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9\n- CVE-2009-3384 - WebKit, ftp listing handling (#525788)\n- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)\n* Sun Nov 8 2009 Rex Dieter - 4.5.3-8\n- -x11: Requires: %{name}-sqlite(ppc-32)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11491\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11491.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66267\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3384\", \"CVE-2009-2816\", \"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-11491 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525788\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525789\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sqlite\", rpm:\"qt-sqlite~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:15", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11488.", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-11488 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066264", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066264", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11488.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11488 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nA security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)\nimplementation. Multiple security flaws (integer underflow, invalid pointer\ndereference, buffer underflow and a denial of service) were found in the way\nWebKit's FTP parser used to process remote FTP directory listings.\nChangeLog:\n\n* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9\n- CVE-2009-3384 - WebKit, ftp listing handling (#525788)\n- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)\n* Sun Nov 8 2009 Rex Dieter - 4.5.3-8\n- -x11: Requires: %{name}-sqlite(ppc-32)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11488\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11488.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66264\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3384\", \"CVE-2009-2816\", \"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-11488 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525788\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525789\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sqlite\", rpm:\"qt-sqlite~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:55", "description": "The remote host is missing an update to qt4-x11\nannounced via advisory USN-829-1.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "Ubuntu USN-829-1 (qt4-x11)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64890", "href": "http://plugins.openvas.org/nasl.php?oid=64890", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_829_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_829_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-829-1 (qt4-x11)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n libqt4-core 4.3.4-0ubuntu3.1\n\nUbuntu 8.10:\n libqt4-network 4.4.3-0ubuntu1.3\n\nUbuntu 9.04:\n libqt4-network 4.5.0-0ubuntu4.2\n\nAfter a standard system upgrade you need to restart your session to effect\nthe necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-829-1\";\n\ntag_insight = \"It was discovered that Qt did not properly handle certificates with NULL\ncharacters in the Subject Alternative Name field of X.509 certificates. An\nattacker could exploit this to perform a man in the middle attack to view\nsensitive information or alter encrypted communications. (CVE-2009-2700)\";\ntag_summary = \"The remote host is missing an update to qt4-x11\nannounced via advisory USN-829-1.\";\n\n \n\n\nif(description)\n{\n script_id(64890);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Ubuntu USN-829-1 (qt4-x11)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-829-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"qt4-doc\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-core\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-debug\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-gui\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-qt3support\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-designer\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qtconfig\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc-html\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-assistant\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-core\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbg\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbus\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-designer\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-gui\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-help\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl-dev\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-qt3support\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-script\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-mysql\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-odbc\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-psql\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite2\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-svg\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-test\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit-dbg\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xml\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns-dbg\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtcore4\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtgui4\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-demos\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-designer\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qtconfig\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc-html\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-assistant\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-core\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbus\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-designer\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-gui\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-help\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl-dev\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-qt3support\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-script\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-scripttools\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-mysql\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-odbc\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-psql\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite2\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-svg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-test\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xml\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtcore4\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtgui4\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-demos-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-demos\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-designer\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qmake\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qtconfig\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-26T08:55:57", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libqt4\n libqt4-qt3support\n libqt4-sql\n libqt4-sql-sqlite\n libqt4-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES11: Security update for libqt4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66284", "href": "http://plugins.openvas.org/nasl.php?oid=66284", "sourceData": "#\n#VID c980cdd57955d1f78a74976fd2c23c32\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libqt4\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libqt4\n libqt4-qt3support\n libqt4-sql\n libqt4-sql-sqlite\n libqt4-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=534081\");\n script_id(66284);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES11: Security update for libqt4\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-06T11:39:28", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libqt4\n libqt4-qt3support\n libqt4-sql\n libqt4-sql-sqlite\n libqt4-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES11: Security update for libqt4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066284", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066284", "sourceData": "#\n#VID c980cdd57955d1f78a74976fd2c23c32\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libqt4\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libqt4\n libqt4-qt3support\n libqt4-sql\n libqt4-sql-sqlite\n libqt4-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=534081\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.66284\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES11: Security update for libqt4\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-06T11:39:54", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dbus-1-qt\n qt\n qt-qt3support\n qt-sql\n qt-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES10: Security update for Qt3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066281", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066281", "sourceData": "#\n#VID slesp2-dbus-1-qt-6644\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Qt3\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dbus-1-qt\n qt\n qt-qt3support\n qt-sql\n qt-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66281\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES10: Security update for Qt3\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dbus-1-qt\", rpm:\"dbus-1-qt~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-qt3support\", rpm:\"qt-qt3support~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sql\", rpm:\"qt-sql~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-26T08:56:05", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dbus-1-qt\n qt\n qt-qt3support\n qt-sql\n qt-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES10: Security update for Qt3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66281", "href": "http://plugins.openvas.org/nasl.php?oid=66281", "sourceData": "#\n#VID slesp2-dbus-1-qt-6644\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Qt3\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dbus-1-qt\n qt\n qt-qt3support\n qt-sql\n qt-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66281);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES10: Security update for Qt3\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dbus-1-qt\", rpm:\"dbus-1-qt~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-qt3support\", rpm:\"qt-qt3support~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sql\", rpm:\"qt-sql~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-25T10:57:11", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-8800.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8800 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64716", "href": "http://plugins.openvas.org/nasl.php?oid=64716", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8800.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8800 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nQt's WebKit code did not properly handle numeric character\nreferences, which could allow remote attackers to cause a\ndenial of service (memory corruption and application crash)\nvia a crafted HTML document.\n\nAlso included is:\n\n* a fix for lib symlinks changing erroneously on upgrades\n* a fix for Copy and paste issues\n* added support for more x keycodes\n\nChangeLog:\n\n* Tue Aug 18 2009 Than Ngo - 4.5.2-2\n- security fix for CVE-2009-1725\n* Tue Aug 18 2009 Rex Dieter 4.5.2-1.2\n- kde-qt: 287-qmenu-respect-minwidth\n- kde-qt: 0288-more-x-keycodes (#475247)\n* Wed Aug 5 2009 Rex Dieter 4.5.2-1.1\n- use linker scripts for _debug targets (#510246)\n- apply upstream patch to fix issue in Copy and paste\n- optimize (icon-mostly) scriptlets\n- -x11: Requires(post,postun): /sbin/ldconfig\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8800\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-8800.\";\n\n\n\nif(description)\n{\n script_id(64716);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-8800 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:24", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-8802.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8802 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064717", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064717", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8802.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8802 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nQt's WebKit code did not properly handle numeric character\nreferences, which could allow remote attackers to cause a\ndenial of service (memory corruption and application crash)\nvia a crafted HTML document.\n\nAlso included is:\n\n* a fix for lib symlinks changing erroneously on upgrades\n* a fix for Copy and paste issues\n* added support for more x keycodes\n\nChangeLog:\n\n* Tue Aug 18 2009 Than Ngo - 4.5.2-2\n- security fix for CVE-2009-1725\n* Tue Aug 18 2009 Rex Dieter 4.5.2-1.2\n- kde-qt: 287-qmenu-respect-minwidth\n- kde-qt: 0288-more-x-keycodes (#475247)\n* Wed Aug 5 2009 Rex Dieter 4.5.2-1.1\n- use linker scripts for _debug targets (#510246)\n- apply upstream patch to fix issue in Copy and paste\n- optimize (icon-mostly) scriptlets\n- -x11: Requires(post,postun): /sbin/ldconfig\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8802\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-8802.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64717\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-8802 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:31", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-8800.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8800 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064716", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064716", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8800.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8800 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nQt's WebKit code did not properly handle numeric character\nreferences, which could allow remote attackers to cause a\ndenial of service (memory corruption and application crash)\nvia a crafted HTML document.\n\nAlso included is:\n\n* a fix for lib symlinks changing erroneously on upgrades\n* a fix for Copy and paste issues\n* added support for more x keycodes\n\nChangeLog:\n\n* Tue Aug 18 2009 Than Ngo - 4.5.2-2\n- security fix for CVE-2009-1725\n* Tue Aug 18 2009 Rex Dieter 4.5.2-1.2\n- kde-qt: 287-qmenu-respect-minwidth\n- kde-qt: 0288-more-x-keycodes (#475247)\n* Wed Aug 5 2009 Rex Dieter 4.5.2-1.1\n- use linker scripts for _debug targets (#510246)\n- apply upstream patch to fix issue in Copy and paste\n- optimize (icon-mostly) scriptlets\n- -x11: Requires(post,postun): /sbin/ldconfig\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8800\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-8800.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64716\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-8800 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.2~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:05", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-8802.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8802 (qt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64717", "href": "http://plugins.openvas.org/nasl.php?oid=64717", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8802.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8802 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nQt's WebKit code did not properly handle numeric character\nreferences, which could allow remote attackers to cause a\ndenial of service (memory corruption and application crash)\nvia a crafted HTML document.\n\nAlso included is:\n\n* a fix for lib symlinks changing erroneously on upgrades\n* a fix for Copy and paste issues\n* added support for more x keycodes\n\nChangeLog:\n\n* Tue Aug 18 2009 Than Ngo - 4.5.2-2\n- security fix for CVE-2009-1725\n* Tue Aug 18 2009 Rex Dieter 4.5.2-1.2\n- kde-qt: 287-qmenu-respect-minwidth\n- kde-qt: 0288-more-x-keycodes (#475247)\n* Wed Aug 5 2009 Rex Dieter 4.5.2-1.1\n- use linker scripts for _debug targets (#510246)\n- apply upstream patch to fix issue in Copy and paste\n- optimize (icon-mostly) scriptlets\n- -x11: Requires(post,postun): /sbin/ldconfig\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8802\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-8802.\";\n\n\n\nif(description)\n{\n script_id(64717);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-8802 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.2~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:21", "description": "The remote host is missing an update to qt4\nannounced via advisory MDVSA-2009:225.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:225 (qt4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700", "CVE-2009-2408"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064836", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064836", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_225.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:225 (qt4)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in qt4:\n\nsrc/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x\ndoes not properly handle a '\\0' character in a domain name in the\nSubject Alternative Name field of an X.509 certificate, which allows\nman-in-the-middle attackers to spoof arbitrary SSL servers via a\ncrafted certificate issued by a legitimate Certification Authority,\na related issue to CVE-2009-2408 (CVE-2009-2700).\n\nThis update provides a solution to this vulnerability.\n\nAffected: 2009.0, 2009.1, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:225\";\ntag_summary = \"The remote host is missing an update to qt4\nannounced via advisory MDVSA-2009:225.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64836\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:225 (qt4)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscripttools4\", rpm:\"libqtscripttools4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin\", rpm:\"qt4-accessibility-plugin~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql\", rpm:\"qt4-database-plugin-mysql~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc\", rpm:\"qt4-database-plugin-odbc~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql\", rpm:\"qt4-database-plugin-pgsql~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite\", rpm:\"qt4-database-plugin-sqlite~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-tds\", rpm:\"qt4-database-plugin-tds~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-graphicssystems-plugin\", rpm:\"qt4-graphicssystems-plugin~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qdoc3\", rpm:\"qt4-qdoc3~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscripttools4\", rpm:\"lib64qtscripttools4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscripttools4\", rpm:\"libqtscripttools4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin\", rpm:\"qt4-accessibility-plugin~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql\", rpm:\"qt4-database-plugin-mysql~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc\", rpm:\"qt4-database-plugin-odbc~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql\", rpm:\"qt4-database-plugin-pgsql~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite\", rpm:\"qt4-database-plugin-sqlite~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-tds\", rpm:\"qt4-database-plugin-tds~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-graphicssystems-plugin\", rpm:\"qt4-graphicssystems-plugin~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qdoc3\", rpm:\"qt4-qdoc3~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscripttools4\", rpm:\"lib64qtscripttools4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin-lib\", rpm:\"qt4-accessibility-plugin-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql-lib\", rpm:\"qt4-database-plugin-mysql-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc-lib\", rpm:\"qt4-database-plugin-odbc-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql-lib\", rpm:\"qt4-database-plugin-pgsql-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite-lib\", rpm:\"qt4-database-plugin-sqlite-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin-lib64\", rpm:\"qt4-accessibility-plugin-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql-lib64\", rpm:\"qt4-database-plugin-mysql-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc-lib64\", rpm:\"qt4-database-plugin-odbc-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql-lib64\", rpm:\"qt4-database-plugin-pgsql-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite-lib64\", rpm:\"qt4-database-plugin-sqlite-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:27", "description": "The remote host is missing an update to qt4\nannounced via advisory MDVSA-2009:225.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:225 (qt4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700", "CVE-2009-2408"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:64836", "href": "http://plugins.openvas.org/nasl.php?oid=64836", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_225.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:225 (qt4)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in qt4:\n\nsrc/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x\ndoes not properly handle a '\\0' character in a domain name in the\nSubject Alternative Name field of an X.509 certificate, which allows\nman-in-the-middle attackers to spoof arbitrary SSL servers via a\ncrafted certificate issued by a legitimate Certification Authority,\na related issue to CVE-2009-2408 (CVE-2009-2700).\n\nThis update provides a solution to this vulnerability.\n\nAffected: 2009.0, 2009.1, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:225\";\ntag_summary = \"The remote host is missing an update to qt4\nannounced via advisory MDVSA-2009:225.\";\n\n \n\nif(description)\n{\n script_id(64836);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:225 (qt4)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscripttools4\", rpm:\"libqtscripttools4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin\", rpm:\"qt4-accessibility-plugin~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql\", rpm:\"qt4-database-plugin-mysql~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc\", rpm:\"qt4-database-plugin-odbc~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql\", rpm:\"qt4-database-plugin-pgsql~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite\", rpm:\"qt4-database-plugin-sqlite~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-tds\", rpm:\"qt4-database-plugin-tds~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-graphicssystems-plugin\", rpm:\"qt4-graphicssystems-plugin~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qdoc3\", rpm:\"qt4-qdoc3~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscripttools4\", rpm:\"lib64qtscripttools4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscripttools4\", rpm:\"libqtscripttools4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin\", rpm:\"qt4-accessibility-plugin~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql\", rpm:\"qt4-database-plugin-mysql~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc\", rpm:\"qt4-database-plugin-odbc~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql\", rpm:\"qt4-database-plugin-pgsql~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite\", rpm:\"qt4-database-plugin-sqlite~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-tds\", rpm:\"qt4-database-plugin-tds~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-graphicssystems-plugin\", rpm:\"qt4-graphicssystems-plugin~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qdoc3\", rpm:\"qt4-qdoc3~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscripttools4\", rpm:\"lib64qtscripttools4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin-lib\", rpm:\"qt4-accessibility-plugin-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql-lib\", rpm:\"qt4-database-plugin-mysql-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc-lib\", rpm:\"qt4-database-plugin-odbc-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql-lib\", rpm:\"qt4-database-plugin-pgsql-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite-lib\", rpm:\"qt4-database-plugin-sqlite-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin-lib64\", rpm:\"qt4-accessibility-plugin-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql-lib64\", rpm:\"qt4-database-plugin-mysql-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc-lib64\", rpm:\"qt4-database-plugin-odbc-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql-lib64\", rpm:\"qt4-database-plugin-pgsql-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite-lib64\", rpm:\"qt4-database-plugin-sqlite-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:59", "description": "This host is installed with Apple Safari Web Browser and is prone to Denial\n of Service or Cross-Site Scripting vulnerability.", "cvss3": {}, "published": "2009-07-12T00:00:00", "type": "openvas", "title": "Apple Safari DoS or XSS Vulnerability - July09", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725", "CVE-2009-1724"], "modified": "2016-12-28T00:00:00", "id": "OPENVAS:800834", "href": "http://plugins.openvas.org/nasl.php?oid=800834", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_safari_dos_n_xss_vuln_jul09.nasl 4865 2016-12-28 16:16:43Z teissa $\n#\n# Apple Safari DoS or XSS Vulnerability - July09\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker execute arbitrary code and can\n cause memory corruption, XSS attacks and can deny the service in the victim's\n system.\n Impact Level: Application\";\ntag_affected = \"Apple Safari version prior to 4.0.2 on Windows.\";\ntag_insight = \"- Error in 'WebKit' is allow user to inject arbitrary web script or HTML via\n vectors related to parent and top objects.\n - Error in 'WebKit' is fails to handle numeric character references via a\n crafted HTML document.\";\ntag_solution = \"Upgrade to Safari version 4.0.2 (4.30.19.1)\n http://www.apple.com/support/downloads\";\ntag_summary = \"This host is installed with Apple Safari Web Browser and is prone to Denial\n of Service or Cross-Site Scripting vulnerability.\";\n\nif(description)\n{\n script_id(800834);\n script_version(\"$Revision: 4865 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-28 17:16:43 +0100 (Wed, 28 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-12 15:16:55 +0200 (Sun, 12 Jul 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-1724\", \"CVE-2009-1725\");\n script_bugtraq_id(35441, 35607);\n script_name(\"Apple Safari DoS or XSS Vulnerability - July09\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT3666\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_apple_safari_detect_win_900003.nasl\");\n script_require_keys(\"AppleSafari/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsafariVer = get_kb_item(\"AppleSafari/Version\");\nif(!safariVer){\n exit(0);\n}\n\n# Check for Apple Safari Version < 4.0.2 (4.30.19.1)\nif(version_is_less(version:safariVer, test_version:\"4.30.19.1\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-03T21:01:39", "description": "This host is installed with Apple Safari Web Browser and is prone to Denial\n of Service or Cross-Site Scripting vulnerability.", "cvss3": {}, "published": "2009-07-12T00:00:00", "type": "openvas", "title": "Apple Safari DoS or XSS Vulnerability - July09", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725", "CVE-2009-1724"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310800834", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800834", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari DoS or XSS Vulnerability - July09\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800834\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-07-12 15:16:55 +0200 (Sun, 12 Jul 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-1724\", \"CVE-2009-1725\");\n script_bugtraq_id(35441, 35607);\n script_name(\"Apple Safari DoS or XSS Vulnerability - July09\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT3666\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_apple_safari_detect_win_900003.nasl\");\n script_mandatory_keys(\"AppleSafari/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker execute arbitrary code and can\n cause memory corruption, XSS attacks and can deny the service in the victim's system.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari version prior to 4.0.2 on Windows.\");\n\n script_tag(name:\"insight\", value:\"- Error in 'WebKit' is allow user to inject arbitrary web script or HTML via\n vectors related to parent and top objects.\n\n - Error in 'WebKit' is fails to handle numeric character references via a\n crafted HTML document.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Safari version 4.0.2 (4.30.19.1).\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari Web Browser and is prone to Denial\n of Service or Cross-Site Scripting vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"4.30.19.1\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"Safari 4.0.2 (4.30.19.1)\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-18T10:57:48", "description": "Check for the Version of qt", "cvss3": {}, "published": "2010-05-17T00:00:00", "type": "openvas", "title": "Fedora Update for qt FEDORA-2010-8379", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0049", "CVE-2010-0052", "CVE-2010-0046", "CVE-2010-0054", "CVE-2010-0048", "CVE-2009-1725", "CVE-2009-2700", "CVE-2010-0648", "CVE-2010-0656", "CVE-2010-0053", "CVE-2010-0047", "CVE-2010-0051", "CVE-2010-0050"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:861955", "href": "http://plugins.openvas.org/nasl.php?oid=861955", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for qt FEDORA-2010-8379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Qt is a software toolkit for developing applications.\n\n This package contains base tools, like string, xml, and network\n handling.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"qt on Fedora 11\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html\");\n script_id(861955);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-17 16:00:10 +0200 (Mon, 17 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-8379\");\n script_cve_id(\"CVE-2010-0047\", \"CVE-2010-0648\", \"CVE-2010-0656\", \"CVE-2010-0046\", \"CVE-2010-0049\", \"CVE-2010-0050\", \"CVE-2010-0051\", \"CVE-2010-0052\", \"CVE-2010-0054\", \"CVE-2009-2700\", \"CVE-2009-1725\", \"CVE-2010-0048\", \"CVE-2010-0053\");\n script_name(\"Fedora Update for qt FEDORA-2010-8379\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of qt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.6.2~17.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:53:35", "description": "Check for the Version of qt", "cvss3": {}, "published": "2010-05-17T00:00:00", "type": "openvas", "title": "Fedora Update for qt FEDORA-2010-8379", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0049", "CVE-2010-0052", "CVE-2010-0046", "CVE-2010-0054", "CVE-2010-0048", "CVE-2009-1725", "CVE-2009-2700", "CVE-2010-0648", "CVE-2010-0656", "CVE-2010-0053", "CVE-2010-0047", "CVE-2010-0051", "CVE-2010-0050"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:1361412562310861955", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861955", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for qt FEDORA-2010-8379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Qt is a software toolkit for developing applications.\n\n This package contains base tools, like string, xml, and network\n handling.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"qt on Fedora 11\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861955\");\n script_version(\"$Revision: 8314 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 09:01:01 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-17 16:00:10 +0200 (Mon, 17 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-8379\");\n script_cve_id(\"CVE-2010-0047\", \"CVE-2010-0648\", \"CVE-2010-0656\", \"CVE-2010-0046\", \"CVE-2010-0049\", \"CVE-2010-0050\", \"CVE-2010-0051\", \"CVE-2010-0052\", \"CVE-2010-0054\", \"CVE-2009-2700\", \"CVE-2009-1725\", \"CVE-2010-0048\", \"CVE-2010-0053\");\n script_name(\"Fedora Update for qt FEDORA-2010-8379\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of qt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.6.2~17.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:13", "description": "The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-8046.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8046 (kdelibs3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064474", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064474", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8046.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8046 (kdelibs3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security issues in the KDE 3 compatibility version of\nKHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698,\nCVE-2009-2537) which may lead to a denial of service or potentially even\narbitrary code execution. In addition, the package was fixed to build with\nthe latest version of automake.\n\nChangeLog:\n\n* Sun Jul 26 2009 Kevin Kofler - 3.5.10-13\n- fix CVE-2009-2537 - select length DoS\n- fix CVE-2009-1725 - crash, possible ACE in numeric character references\n- fix CVE-2009-1690 - crash, possible ACE in KHTML ( use-after-free)\n- fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?)\n- fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling\n* Fri Jul 24 2009 Fedora Release Engineering - 3.5.10-12\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Sat Jul 18 2009 Rex Dieter - 3.5.10-12\n- FTBFS kdelibs3-3.5.10-11.fc11 (#511571)\n- -devel: Requires: %{name}%_isa ...\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs3' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8046\";\ntag_summary = \"The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-8046.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64474\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\", \"CVE-2009-2537\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-8046 (kdelibs3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=505571\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506453\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506469\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=512911\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs3\", rpm:\"kdelibs3~3.5.10~13.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-devel\", rpm:\"kdelibs3-devel~3.5.10~13.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-debuginfo\", rpm:\"kdelibs3-debuginfo~3.5.10~13.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-apidocs\", rpm:\"kdelibs3-apidocs~3.5.10~13.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:28", "description": "The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-8020.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8020 (kdelibs3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064475", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064475", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8020.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8020 (kdelibs3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security issues in the KDE 3 compatibility version of\nKHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698,\nCVE-2009-2537) which may lead to a denial of service or potentially even\narbitrary code execution. In addition, the package was fixed to build with\nthe latest version of automake, and the following fixes and improvements were\nmerged from the Fedora 11 package:\n* slight speedup to /etc/profile.d/kde.sh,\n* fixed unowned directories,\n* fixed harmless (as the file contents match) file conflicts with KDE 4.2.x,\n* fixed build with GCC 4.4 (but this package is built with Fedora 10's\n GCC 4.3.2),\n* moved Qt Designer plugins to the runtime package as they can be needed at\n runtime (e.g. by PyKDE programs),\n* kdelibs3-apidocs is now a noarch subpackage.\n\nChangeLog:\n\n* Sun Jul 26 2009 Kevin Kofler - 3.5.10-13\n- fix CVE-2009-2537 - select length DoS\n- fix CVE-2009-1725 - crash, possible ACE in numeric character references\n- fix CVE-2009-1690 - crash, possible ACE in KHTML ( use-after-free)\n- fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?)\n- fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling\n* Fri Jul 24 2009 Fedora Release Engineering - 3.5.10-12\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Sat Jul 18 2009 Rex Dieter - 3.5.10-12\n- FTBFS kdelibs3-3.5.10-11.fc11 (#511571)\n- -devel: Requires: %{name}%_isa ...\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs3' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8020\";\ntag_summary = \"The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-8020.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64475\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\", \"CVE-2009-2537\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-8020 (kdelibs3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=505571\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506453\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506469\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=512911\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs3\", rpm:\"kdelibs3~3.5.10~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-devel\", rpm:\"kdelibs3-devel~3.5.10~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-debuginfo\", rpm:\"kdelibs3-debuginfo~3.5.10~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-apidocs\", rpm:\"kdelibs3-apidocs~3.5.10~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:07", "description": "The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-8020.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8020 (kdelibs3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64475", "href": "http://plugins.openvas.org/nasl.php?oid=64475", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8020.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8020 (kdelibs3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security issues in the KDE 3 compatibility version of\nKHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698,\nCVE-2009-2537) which may lead to a denial of service or potentially even\narbitrary code execution. In addition, the package was fixed to build with\nthe latest version of automake, and the following fixes and improvements were\nmerged from the Fedora 11 package:\n* slight speedup to /etc/profile.d/kde.sh,\n* fixed unowned directories,\n* fixed harmless (as the file contents match) file conflicts with KDE 4.2.x,\n* fixed build with GCC 4.4 (but this package is built with Fedora 10's\n GCC 4.3.2),\n* moved Qt Designer plugins to the runtime package as they can be needed at\n runtime (e.g. by PyKDE programs),\n* kdelibs3-apidocs is now a noarch subpackage.\n\nChangeLog:\n\n* Sun Jul 26 2009 Kevin Kofler - 3.5.10-13\n- fix CVE-2009-2537 - select length DoS\n- fix CVE-2009-1725 - crash, possible ACE in numeric character references\n- fix CVE-2009-1690 - crash, possible ACE in KHTML ( use-after-free)\n- fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?)\n- fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling\n* Fri Jul 24 2009 Fedora Release Engineering - 3.5.10-12\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Sat Jul 18 2009 Rex Dieter - 3.5.10-12\n- FTBFS kdelibs3-3.5.10-11.fc11 (#511571)\n- -devel: Requires: %{name}%_isa ...\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs3' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8020\";\ntag_summary = \"The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-8020.\";\n\n\n\nif(description)\n{\n script_id(64475);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\", \"CVE-2009-2537\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-8020 (kdelibs3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=505571\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506453\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506469\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=512911\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs3\", rpm:\"kdelibs3~3.5.10~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-devel\", rpm:\"kdelibs3-devel~3.5.10~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-debuginfo\", rpm:\"kdelibs3-debuginfo~3.5.10~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-apidocs\", rpm:\"kdelibs3-apidocs~3.5.10~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:44", "description": "The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-8046.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8046 (kdelibs3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64474", "href": "http://plugins.openvas.org/nasl.php?oid=64474", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8046.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8046 (kdelibs3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security issues in the KDE 3 compatibility version of\nKHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698,\nCVE-2009-2537) which may lead to a denial of service or potentially even\narbitrary code execution. In addition, the package was fixed to build with\nthe latest version of automake.\n\nChangeLog:\n\n* Sun Jul 26 2009 Kevin Kofler - 3.5.10-13\n- fix CVE-2009-2537 - select length DoS\n- fix CVE-2009-1725 - crash, possible ACE in numeric character references\n- fix CVE-2009-1690 - crash, possible ACE in KHTML ( use-after-free)\n- fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?)\n- fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling\n* Fri Jul 24 2009 Fedora Release Engineering - 3.5.10-12\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Sat Jul 18 2009 Rex Dieter - 3.5.10-12\n- FTBFS kdelibs3-3.5.10-11.fc11 (#511571)\n- -devel: Requires: %{name}%_isa ...\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs3' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8046\";\ntag_summary = \"The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-8046.\";\n\n\n\nif(description)\n{\n script_id(64474);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\", \"CVE-2009-2537\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-8046 (kdelibs3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=505571\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506453\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506469\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=512911\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs3\", rpm:\"kdelibs3~3.5.10~13.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-devel\", rpm:\"kdelibs3-devel~3.5.10~13.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-debuginfo\", rpm:\"kdelibs3-debuginfo~3.5.10~13.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-apidocs\", rpm:\"kdelibs3-apidocs~3.5.10~13.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:49", "description": "The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-9391.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-9391 (kdelibs3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064844", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064844", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9391.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9391 (kdelibs3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes CVE-2009-2702, a security issue where SSL certificates\ncontaining embedded NUL characters would falsely pass validation when they're\nactually invalid, for the KDE 3 compatibility version of kdelibs.\n\nChangeLog:\n\n* Sun Sep 6 2009 Kevin Kofler - 3.5.10-13.1\n- fix for CVE-2009-2702\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs3' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9391\";\ntag_summary = \"The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-9391.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64844\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2702\", \"CVE-2009-2537\", \"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-9391 (kdelibs3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=520661\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs3\", rpm:\"kdelibs3~3.5.10~13.fc11.1\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-devel\", rpm:\"kdelibs3-devel~3.5.10~13.fc11.1\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-debuginfo\", rpm:\"kdelibs3-debuginfo~3.5.10~13.fc11.1\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-apidocs\", rpm:\"kdelibs3-apidocs~3.5.10~13.fc11.1\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:26", "description": "The remote host is missing an update to kdelibs\nannounced via advisory FEDORA-2009-8049.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8049 (kdelibs)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-0945", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064473", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064473", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8049.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8049 (kdelibs)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security issues in KHTML (CVE-2009-1725,\nCVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-0945, CVE-2009-2537) which\nmay lead to a denial of service or potentially even arbitrary code execution.\nIn addition, libplasma was fixed to make Plasmaboard (a virtual keyboard applet)\nwork, and a bug in a Fedora patch which made builds of the SRPM on single-CPU\nmachines fail was fixed.\nChangeLog:\n\n* Sun Jul 26 2009 Kevin Kofler - 4.2.4-6\n- fix CVE-2009-1725 - crash, possible ACE in numeric character references\n- fix CVE-2009-1690 - crash, possible ACE in KHTML ( use-after-free)\n- fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?)\n- fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling\n- fix CVE-2009-0945 - NULL-pointer dereference in the SVGList interface impl\n* Thu Jul 23 2009 Jaroslav Reznik - 4.2.4-5\n- CVE-2009-2537 - select length DoS\n- correct fixPopupForPlasmaboard.patch\n* Wed Jul 8 2009 Kevin Kofler - 4.2.4-4\n- fix CMake dependency in parallel_devel patch (#510259, CHIKAMA Masaki)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8049\";\ntag_summary = \"The remote host is missing an update to kdelibs\nannounced via advisory FEDORA-2009-8049.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64473\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\", \"CVE-2009-0945\", \"CVE-2009-2537\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-8049 (kdelibs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=505571\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506453\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506469\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506703\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=512911\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.2.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-common\", rpm:\"kdelibs-common~4.2.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-devel\", rpm:\"kdelibs-devel~4.2.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-debuginfo\", rpm:\"kdelibs-debuginfo~4.2.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-apidocs\", rpm:\"kdelibs-apidocs~4.2.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:33:11", "description": "Check for the Version of kdelibs", "cvss3": {}, "published": "2010-04-19T00:00:00", "type": "openvas", "title": "Fedora Update for kdelibs FEDORA-2010-6077", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2010-0436", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:861902", "href": "http://plugins.openvas.org/nasl.php?oid=861902", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kdelibs FEDORA-2010-6077\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kdelibs on Fedora 11\";\ntag_insight = \"Libraries for KDE 4.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039592.html\");\n script_id(861902);\n script_version(\"$Revision: 8205 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-19 16:47:49 +0200 (Mon, 19 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-6077\");\n script_cve_id(\"CVE-2010-0436\", \"CVE-2009-2702\", \"CVE-2009-2537\", \"CVE-2009-1725\", \"CVE-2009-1687\", \"CVE-2009-1698\");\n script_name(\"Fedora Update for kdelibs FEDORA-2010-6077\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kdelibs\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.4.2~2.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:26", "description": "The remote host is missing an update to kdelibs\nannounced via advisory FEDORA-2009-8039.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8039 (kdelibs)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-0945", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064470", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064470", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8039.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8039 (kdelibs)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security issues in KHTML (CVE-2009-1725,\nCVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-0945, CVE-2009-2537) which\nmay lead to a denial of service or potentially even arbitrary code execution.\nIn addition, libplasma was fixed to make Plasmaboard (a virtual keyboard applet)\nwork, and a bug in a Fedora patch which made builds of the SRPM on single-CPU\nmachines fail was fixed.\n\nChangeLog:\n\n* Sun Jul 26 2009 Kevin Kofler - 4.2.4-6\n- fix CVE-2009-1725 - crash, possible ACE in numeric character references\n- fix CVE-2009-1690 - crash, possible ACE in KHTML ( use-after-free)\n- fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?)\n- fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling\n- fix CVE-2009-0945 - NULL-pointer dereference in the SVGList interface impl\n* Thu Jul 23 2009 Jaroslav Reznik - 4.2.4-5\n- CVE-2009-2537 - select length DoS\n- correct fixPopupForPlasmaboard.patch\n* Wed Jul 8 2009 Kevin Kofler - 4.2.4-4\n- fix CMake dependency in parallel_devel patch (#510259, CHIKAMA Masaki)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8039\";\ntag_summary = \"The remote host is missing an update to kdelibs\nannounced via advisory FEDORA-2009-8039.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64470\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\", \"CVE-2009-0945\", \"CVE-2009-2537\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-8039 (kdelibs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=505571\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506453\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506469\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506703\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=512911\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.2.4~6.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-common\", rpm:\"kdelibs-common~4.2.4~6.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-devel\", rpm:\"kdelibs-devel~4.2.4~6.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-debuginfo\", rpm:\"kdelibs-debuginfo~4.2.4~6.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-apidocs\", rpm:\"kdelibs-apidocs~4.2.4~6.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:10", "description": "The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-9400.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-9400 (kdelibs3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064845", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064845", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9400.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9400 (kdelibs3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes CVE-2009-2702, a security issue where SSL certificates\ncontaining embedded NUL characters would falsely pass validation when they're\nactually invalid, for the KDE 3 compatibility version of kdelibs.\n\nChangeLog:\n\n* Sun Sep 6 2009 Kevin Kofler - 3.5.10-13.1\n- fix for CVE-2009-2702\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs3' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9400\";\ntag_summary = \"The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-9400.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64845\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2702\", \"CVE-2009-2537\", \"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-9400 (kdelibs3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=520661\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs3\", rpm:\"kdelibs3~3.5.10~13.fc10.1\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-devel\", rpm:\"kdelibs3-devel~3.5.10~13.fc10.1\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-debuginfo\", rpm:\"kdelibs3-debuginfo~3.5.10~13.fc10.1\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-apidocs\", rpm:\"kdelibs3-apidocs~3.5.10~13.fc10.1\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:04", "description": "The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-9400.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-9400 (kdelibs3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64845", "href": "http://plugins.openvas.org/nasl.php?oid=64845", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9400.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9400 (kdelibs3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes CVE-2009-2702, a security issue where SSL certificates\ncontaining embedded NUL characters would falsely pass validation when they're\nactually invalid, for the KDE 3 compatibility version of kdelibs.\n\nChangeLog:\n\n* Sun Sep 6 2009 Kevin Kofler - 3.5.10-13.1\n- fix for CVE-2009-2702\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs3' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9400\";\ntag_summary = \"The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-9400.\";\n\n\n\nif(description)\n{\n script_id(64845);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2702\", \"CVE-2009-2537\", \"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-9400 (kdelibs3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=520661\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs3\", rpm:\"kdelibs3~3.5.10~13.fc10.1\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-devel\", rpm:\"kdelibs3-devel~3.5.10~13.fc10.1\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-debuginfo\", rpm:\"kdelibs3-debuginfo~3.5.10~13.fc10.1\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-apidocs\", rpm:\"kdelibs3-apidocs~3.5.10~13.fc10.1\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:06", "description": "The remote host is missing an update to kdelibs\nannounced via advisory FEDORA-2009-8049.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8049 (kdelibs)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-0945", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64473", "href": "http://plugins.openvas.org/nasl.php?oid=64473", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8049.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8049 (kdelibs)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security issues in KHTML (CVE-2009-1725,\nCVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-0945, CVE-2009-2537) which\nmay lead to a denial of service or potentially even arbitrary code execution.\nIn addition, libplasma was fixed to make Plasmaboard (a virtual keyboard applet)\nwork, and a bug in a Fedora patch which made builds of the SRPM on single-CPU\nmachines fail was fixed.\nChangeLog:\n\n* Sun Jul 26 2009 Kevin Kofler - 4.2.4-6\n- fix CVE-2009-1725 - crash, possible ACE in numeric character references\n- fix CVE-2009-1690 - crash, possible ACE in KHTML ( use-after-free)\n- fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?)\n- fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling\n- fix CVE-2009-0945 - NULL-pointer dereference in the SVGList interface impl\n* Thu Jul 23 2009 Jaroslav Reznik - 4.2.4-5\n- CVE-2009-2537 - select length DoS\n- correct fixPopupForPlasmaboard.patch\n* Wed Jul 8 2009 Kevin Kofler - 4.2.4-4\n- fix CMake dependency in parallel_devel patch (#510259, CHIKAMA Masaki)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8049\";\ntag_summary = \"The remote host is missing an update to kdelibs\nannounced via advisory FEDORA-2009-8049.\";\n\n\n\nif(description)\n{\n script_id(64473);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\", \"CVE-2009-0945\", \"CVE-2009-2537\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-8049 (kdelibs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=505571\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506453\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506469\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506703\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=512911\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.2.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-common\", rpm:\"kdelibs-common~4.2.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-devel\", rpm:\"kdelibs-devel~4.2.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-debuginfo\", rpm:\"kdelibs-debuginfo~4.2.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-apidocs\", rpm:\"kdelibs-apidocs~4.2.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:17", "description": "The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-9391.", "cvss3": {}, "published": "2009-09-15T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-9391 (kdelibs3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64844", "href": "http://plugins.openvas.org/nasl.php?oid=64844", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9391.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9391 (kdelibs3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes CVE-2009-2702, a security issue where SSL certificates\ncontaining embedded NUL characters would falsely pass validation when they're\nactually invalid, for the KDE 3 compatibility version of kdelibs.\n\nChangeLog:\n\n* Sun Sep 6 2009 Kevin Kofler - 3.5.10-13.1\n- fix for CVE-2009-2702\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs3' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9391\";\ntag_summary = \"The remote host is missing an update to kdelibs3\nannounced via advisory FEDORA-2009-9391.\";\n\n\n\nif(description)\n{\n script_id(64844);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2702\", \"CVE-2009-2537\", \"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-9391 (kdelibs3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=520661\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs3\", rpm:\"kdelibs3~3.5.10~13.fc11.1\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-devel\", rpm:\"kdelibs3-devel~3.5.10~13.fc11.1\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-debuginfo\", rpm:\"kdelibs3-debuginfo~3.5.10~13.fc11.1\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs3-apidocs\", rpm:\"kdelibs3-apidocs~3.5.10~13.fc11.1\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:05:10", "description": "Check for the Version of kdelibs", "cvss3": {}, "published": "2010-04-19T00:00:00", "type": "openvas", "title": "Fedora Update for kdelibs FEDORA-2010-6077", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2010-0436", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:1361412562310861902", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861902", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kdelibs FEDORA-2010-6077\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kdelibs on Fedora 11\";\ntag_insight = \"Libraries for KDE 4.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039592.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861902\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-19 16:47:49 +0200 (Mon, 19 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-6077\");\n script_cve_id(\"CVE-2010-0436\", \"CVE-2009-2702\", \"CVE-2009-2537\", \"CVE-2009-1725\", \"CVE-2009-1687\", \"CVE-2009-1698\");\n script_name(\"Fedora Update for kdelibs FEDORA-2010-6077\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kdelibs\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.4.2~2.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:06", "description": "The remote host is missing an update to kdelibs\nannounced via advisory FEDORA-2009-8039.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8039 (kdelibs)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-0945", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64470", "href": "http://plugins.openvas.org/nasl.php?oid=64470", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8039.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8039 (kdelibs)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security issues in KHTML (CVE-2009-1725,\nCVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-0945, CVE-2009-2537) which\nmay lead to a denial of service or potentially even arbitrary code execution.\nIn addition, libplasma was fixed to make Plasmaboard (a virtual keyboard applet)\nwork, and a bug in a Fedora patch which made builds of the SRPM on single-CPU\nmachines fail was fixed.\n\nChangeLog:\n\n* Sun Jul 26 2009 Kevin Kofler - 4.2.4-6\n- fix CVE-2009-1725 - crash, possible ACE in numeric character references\n- fix CVE-2009-1690 - crash, possible ACE in KHTML ( use-after-free)\n- fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?)\n- fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling\n- fix CVE-2009-0945 - NULL-pointer dereference in the SVGList interface impl\n* Thu Jul 23 2009 Jaroslav Reznik - 4.2.4-5\n- CVE-2009-2537 - select length DoS\n- correct fixPopupForPlasmaboard.patch\n* Wed Jul 8 2009 Kevin Kofler - 4.2.4-4\n- fix CMake dependency in parallel_devel patch (#510259, CHIKAMA Masaki)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kdelibs' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8039\";\ntag_summary = \"The remote host is missing an update to kdelibs\nannounced via advisory FEDORA-2009-8039.\";\n\n\n\nif(description)\n{\n script_id(64470);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1687\", \"CVE-2009-1698\", \"CVE-2009-0945\", \"CVE-2009-2537\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-8039 (kdelibs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=513813\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=505571\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506453\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506469\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=506703\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=512911\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.2.4~6.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-common\", rpm:\"kdelibs-common~4.2.4~6.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-devel\", rpm:\"kdelibs-devel~4.2.4~6.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-debuginfo\", rpm:\"kdelibs-debuginfo~4.2.4~6.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-apidocs\", rpm:\"kdelibs-apidocs~4.2.4~6.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:30", "description": "Check for the Version of kdelibs", "cvss3": {}, "published": "2010-05-28T00:00:00", "type": "openvas", "title": "Fedora Update for kdelibs FEDORA-2010-8547", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2010-1511", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702", "CVE-2010-1000"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:861985", "href": "http://plugins.openvas.org/nasl.php?oid=861985", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kdelibs FEDORA-2010-8547\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kdelibs on Fedora 11\";\ntag_insight = \"Libraries for KDE 4.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041990.html\");\n script_id(861985);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-8547\");\n script_cve_id(\"CVE-2010-1000\", \"CVE-2010-1511\", \"CVE-2009-2702\", \"CVE-2009-2537\", \"CVE-2009-1725\", \"CVE-2009-1687\", \"CVE-2009-1698\");\n script_name(\"Fedora Update for kdelibs FEDORA-2010-8547\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kdelibs\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.4.3~2.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-23T13:05:38", "description": "Check for the Version of kdelibs", "cvss3": {}, "published": "2010-05-28T00:00:00", "type": "openvas", "title": "Fedora Update for kdelibs FEDORA-2010-8547", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2010-1511", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702", "CVE-2010-1000"], "modified": "2018-01-23T00:00:00", "id": "OPENVAS:1361412562310861985", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861985", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kdelibs FEDORA-2010-8547\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kdelibs on Fedora 11\";\ntag_insight = \"Libraries for KDE 4.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041990.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861985\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-8547\");\n script_cve_id(\"CVE-2010-1000\", \"CVE-2010-1511\", \"CVE-2009-2702\", \"CVE-2009-2537\", \"CVE-2009-1725\", \"CVE-2009-1687\", \"CVE-2009-1698\");\n script_name(\"Fedora Update for kdelibs FEDORA-2010-8547\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kdelibs\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdelibs\", rpm:\"kdelibs~4.4.3~2.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:14", "description": "The remote host is missing an update to webkit\nannounced via advisory USN-836-1.", "cvss3": {}, "published": "2009-09-28T00:00:00", "type": "openvas", "title": "Ubuntu USN-836-1 (webkit)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1712", "CVE-2009-1725", "CVE-2009-0945", "CVE-2009-1711", "CVE-2009-1690", "CVE-2009-1687"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64983", "href": "http://plugins.openvas.org/nasl.php?oid=64983", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_836_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_836_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-836-1 (webkit)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.10:\n libwebkit-1.0-1 1.0.1-2ubuntu0.2\n libwebkit-1.0-1-dbg 1.0.1-2ubuntu0.2\n libwebkit-dev 1.0.1-2ubuntu0.2\n\nUbuntu 9.04:\n libwebkit-1.0-1 1.0.1-4ubuntu0.1\n libwebkit-1.0-1-dbg 1.0.1-4ubuntu0.1\n libwebkit-dev 1.0.1-4ubuntu0.1\n\nAfter a standard system upgrade you need to restart any applications that\nuse WebKit, such as Epiphany-webkit and Midori, to effect the necessary\nchanges.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-836-1\";\n\ntag_insight = \"It was discovered that WebKit did not properly handle certain SVGPathList\ndata structures. If a user were tricked into viewing a malicious website,\nan attacker could exploit this to execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2009-0945)\n\nSeveral flaws were discovered in the WebKit browser and JavaScript engines.\nIf a user were tricked into viewing a malicious website, a remote attacker\ncould cause a denial of service or possibly execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2009-1687, CVE-2009-1690,\nCVE-2009-1698, CVE-2009-1711, CVE-2009-1725)\n\nIt was discovered that WebKit did not prevent the loading of local Java\napplets. If a user were tricked into viewing a malicious website,\nan attacker could exploit this to execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2009-1712)\";\ntag_summary = \"The remote host is missing an update to webkit\nannounced via advisory USN-836-1.\";\n\n \n\n\nif(description)\n{\n script_id(64983);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-28 19:09:13 +0200 (Mon, 28 Sep 2009)\");\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-836-1 (webkit)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-836-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libwebkit-dev\", ver:\"1.0.1-2ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwebkit-1.0-1-dbg\", ver:\"1.0.1-2ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwebkit-1.0-1\", ver:\"1.0.1-2ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwebkit-dev\", ver:\"1.0.1-4ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwebkit-1.0-1-dbg\", ver:\"1.0.1-4ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwebkit-1.0-1\", ver:\"1.0.1-4ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:34", "description": "The remote host is missing an update to kdelibs\nannounced via advisory MDVSA-2009:330.", "cvss3": {}, "published": "2009-12-14T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:330 (kdelibs)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2408", "CVE-2009-1692", "CVE-2009-0689", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66492", "href": "http://plugins.openvas.org/nasl.php?oid=66492", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_330.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:330 (kdelibs)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in kdelibs:\n\nThe gdtoa (aka new dtoa) implementation in gdtoa/misc.c in\nlibc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows\ncontext-dependent attackers to cause a denial of service (application\ncrash) or possibly have unspecified other impact via a large precision\nvalue in the format argument to a printf function, related to an\narray overrun. (CVE-2009-0689)\n\nThe JavaScript garbage collector in WebKit in Apple Safari before\n4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1\nthrough 2.2.1 does not properly handle allocation failures, which\nallows remote attackers to execute arbitrary code or cause a denial\nof service (memory corruption and application crash) via a crafted\nHTML document that triggers write access to an offset of a NULL\npointer. (CVE-2009-1687)\n\nUse-after-free vulnerability in WebKit, as used in Apple Safari\nbefore 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1\nthrough 2.2.1, Google Chrome 1.0.154.53, and possibly other products,\nallows remote attackers to execute arbitrary code or cause a denial\nof service (memory corruption and application crash) by setting an\nunspecified property of an HTML tag that causes child elements to\nbe freed and later accessed when an HTML error occurs, related to\nrecursion in certain DOM event handlers. (CVE-2009-1690)\n\nWebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1,\nand iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a\npointer during handling of a Cascading Style Sheets (CSS) attr function\ncall with a large numerical argument, which allows remote attackers to\nexecute arbitrary code or cause a denial of service (memory corruption\nand application crash) via a crafted HTML document. (CVE-2009-1698)\n\nWebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit\n(aka Qt toolkit), and possibly other products does not properly handle\nnumeric character references, which allows remote attackers to execute\narbitrary code or cause a denial of service (memory corruption and\napplication crash) via a crafted HTML document. (CVE-2009-1725)\n\nKDE Konqueror allows remote attackers to cause a denial of service\n(memory consumption) via a large integer value for the length property\nof a Select object, a related issue to CVE-2009-1692. (CVE-2009-2537)\n\nKDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a\n'\\0' (NUL) character in a domain name in the Subject Alternative Name\nfield of an X.509 certificate, which allows man-in-the-middle attackers\nto spoof arbitrary SSL servers via a crafted certificate issued by a\nlegitimate Certification Authority, a related issue to CVE-2009-2408\n(CVE-2009-2702).\n\nThis update provides a solution to this vulnerability.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:330\";\ntag_summary = \"The remote host is missing an update to kdelibs\nannounced via advisory MDVSA-2009:330.\";\n\n \n\nif(description)\n{\n script_id(66492);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)\");\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1725\", \"CVE-2009-1692\", \"CVE-2009-2537\", \"CVE-2009-2408\", \"CVE-2009-2702\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:330 (kdelibs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs-arts\", rpm:\"kdelibs-arts~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-common\", rpm:\"kdelibs-common~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-devel-doc\", rpm:\"kdelibs-devel-doc~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64kdecore4\", rpm:\"lib64kdecore4~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64kdecore4-devel\", rpm:\"lib64kdecore4-devel~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:54", "description": "The remote host is missing an update to qt4-x11\nannounced via advisory USN-857-1.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "Ubuntu USN-857-1 (qt4-x11)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1712", "CVE-2009-1725", "CVE-2009-0945", "CVE-2009-1713", "CVE-2009-1711", "CVE-2009-1690", "CVE-2009-1687", "CVE-2009-1699"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:66216", "href": "http://plugins.openvas.org/nasl.php?oid=66216", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_857_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_857_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-857-1 (qt4-x11)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.10:\n libqt4-webkit 4.4.3-0ubuntu1.4\n\nUbuntu 9.04:\n libqt4-webkit 4.5.0-0ubuntu4.3\n\nAfter a standard system upgrade you need to restart your session to effect\nthe necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-857-1\";\n\ntag_insight = \"It was discovered that QtWebKit did not properly handle certain SVGPathList\ndata structures. If a user were tricked into viewing a malicious website,\nan attacker could exploit this to execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2009-0945)\n\nSeveral flaws were discovered in the QtWebKit browser and JavaScript\nengines. If a user were tricked into viewing a malicious website, a remote\nattacker could cause a denial of service or possibly execute arbitrary code\nwith the privileges of the user invoking the program. (CVE-2009-1687,\nCVE-2009-1690, CVE-2009-1698, CVE-2009-1711, CVE-2009-1725)\n\nIt was discovered that QtWebKit did not properly handle certain XSL\nstylesheets. If a user were tricked into viewing a malicious website,\nan attacker could exploit this to read arbitrary local files, and possibly\nfiles from different security zones. (CVE-2009-1699, CVE-2009-1713)\n\nIt was discovered that QtWebKit did not prevent the loading of local Java\napplets. If a user were tricked into viewing a malicious website, an\nattacker could exploit this to execute arbitrary code with the privileges\nof the user invoking the program. (CVE-2009-1712)\";\ntag_summary = \"The remote host is missing an update to qt4-x11\nannounced via advisory USN-857-1.\";\n\n \n\n\nif(description)\n{\n script_id(66216);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-857-1 (qt4-x11)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-857-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"qt4-doc-html\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-assistant\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-core\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbg\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbus\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-designer\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-gui\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-help\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl-dev\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-qt3support\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-script\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-mysql\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-odbc\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-psql\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite2\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-svg\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-test\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit-dbg\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xml\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns-dbg\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtcore4\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtgui4\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-demos\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-designer\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qtconfig\", ver:\"4.4.3-0ubuntu1.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc-html\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-assistant\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-core\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbg\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbus\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-designer\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev-dbg\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-gui\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-help\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl-dev\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-qt3support\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-script\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-scripttools\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-mysql\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-odbc\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-psql\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite2\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-svg\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-test\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit-dbg\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xml\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns-dbg\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtcore4\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtgui4\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-demos-dbg\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-demos\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-designer\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools-dbg\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qmake\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qtconfig\", ver:\"4.5.0-0ubuntu4.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:40", "description": "The remote host is missing an update to kdelibs\nannounced via advisory MDVSA-2009:330.", "cvss3": {}, "published": "2009-12-14T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:330 (kdelibs)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2408", "CVE-2009-1692", "CVE-2009-0689", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066492", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066492", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_330.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:330 (kdelibs)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in kdelibs:\n\nThe gdtoa (aka new dtoa) implementation in gdtoa/misc.c in\nlibc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows\ncontext-dependent attackers to cause a denial of service (application\ncrash) or possibly have unspecified other impact via a large precision\nvalue in the format argument to a printf function, related to an\narray overrun. (CVE-2009-0689)\n\nThe JavaScript garbage collector in WebKit in Apple Safari before\n4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1\nthrough 2.2.1 does not properly handle allocation failures, which\nallows remote attackers to execute arbitrary code or cause a denial\nof service (memory corruption and application crash) via a crafted\nHTML document that triggers write access to an offset of a NULL\npointer. (CVE-2009-1687)\n\nUse-after-free vulnerability in WebKit, as used in Apple Safari\nbefore 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1\nthrough 2.2.1, Google Chrome 1.0.154.53, and possibly other products,\nallows remote attackers to execute arbitrary code or cause a denial\nof service (memory corruption and application crash) by setting an\nunspecified property of an HTML tag that causes child elements to\nbe freed and later accessed when an HTML error occurs, related to\nrecursion in certain DOM event handlers. (CVE-2009-1690)\n\nWebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1,\nand iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a\npointer during handling of a Cascading Style Sheets (CSS) attr function\ncall with a large numerical argument, which allows remote attackers to\nexecute arbitrary code or cause a denial of service (memory corruption\nand application crash) via a crafted HTML document. (CVE-2009-1698)\n\nWebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit\n(aka Qt toolkit), and possibly other products does not properly handle\nnumeric character references, which allows remote attackers to execute\narbitrary code or cause a denial of service (memory corruption and\napplication crash) via a crafted HTML document. (CVE-2009-1725)\n\nKDE Konqueror allows remote attackers to cause a denial of service\n(memory consumption) via a large integer value for the length property\nof a Select object, a related issue to CVE-2009-1692. (CVE-2009-2537)\n\nKDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a\n'\\0' (NUL) character in a domain name in the Subject Alternative Name\nfield of an X.509 certificate, which allows man-in-the-middle attackers\nto spoof arbitrary SSL servers via a crafted certificate issued by a\nlegitimate Certification Authority, a related issue to CVE-2009-2408\n(CVE-2009-2702).\n\nThis update provides a solution to this vulnerability.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:330\";\ntag_summary = \"The remote host is missing an update to kdelibs\nannounced via advisory MDVSA-2009:330.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66492\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)\");\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1725\", \"CVE-2009-1692\", \"CVE-2009-2537\", \"CVE-2009-2408\", \"CVE-2009-2702\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:330 (kdelibs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdelibs-arts\", rpm:\"kdelibs-arts~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-common\", rpm:\"kdelibs-common~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs-devel-doc\", rpm:\"kdelibs-devel-doc~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64kdecore4\", rpm:\"lib64kdecore4~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64kdecore4-devel\", rpm:\"lib64kdecore4-devel~3.5.4~2.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-15T11:57:55", "description": "Check for the Version of kdelibs4", "cvss3": {}, "published": "2010-01-29T00:00:00", "type": "openvas", "title": "Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2408", "CVE-2009-0945", "CVE-2009-1692", "CVE-2009-0689", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702"], "modified": "2017-12-15T00:00:00", "id": "OPENVAS:830846", "href": "http://plugins.openvas.org/nasl.php?oid=830846", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and corrected in kdelibs4:\n\n KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a\n \\'\\0\\' (NUL) character in a domain name in the Subject Alternative\n Name field of an X.509 certificate, which allows man-in-the-middle\n attackers to spoof arbitrary SSL servers via a crafted certificate\n issued by a legitimate Certification Authority, a related issue to\n CVE-2009-2408 (CVE-2009-2702).\n \n The JavaScript garbage collector in WebKit in Apple Safari before\n 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1\n through 2.2.1 does not properly handle allocation failures, which\n allows remote attackers to execute arbitrary code or cause a denial\n of service (memory corruption and application crash) via a crafted\n HTML document that triggers write access to an offset of a NULL\n pointer. (CVE-2009-1687).\n \n WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit\n (aka Qt toolkit), and possibly other products does not properly handle\n numeric character references, which allows remote attackers to execute\n arbitrary code or cause a denial of service (memory corruption and\n application crash) via a crafted HTML document (CVE-2009-1725).\n \n Use-after-free vulnerability in WebKit, as used in Apple Safari\n before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1\n through 2.2.1, Google Chrome 1.0.154.53, and possibly other products,\n allows remote attackers to execute arbitrary code or cause a denial\n of service (memory corruption and application crash) by setting an\n unspecified property of an HTML tag that causes child elements to\n be freed and later accessed when an HTML error occurs, related to\n recursion in certain DOM event handlers. (CVE-2009-1690).\n \n WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1,\n and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a\n pointer during handling of a Cascading Style Sheets (CSS) attr function\n call with a large numerical argument, which allows remote attackers to\n execute arbitrary code or cause a denial of service (memory corruption\n and application crash) via a crafted HTML document (CVE-2009-1698).\n \n KDE Konqueror allows remote attackers to cause a denial of service\n (memory consumption) via a large integer value for the length property\n of a Select object, a related issue to CVE-2009-1692 (CVE-2009-2537).\n \n The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in\n libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows\n context-dependent atta ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kdelibs4 on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-01/msg00077.php\");\n script_id(830846);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-29 14:09:25 +0100 (Fri, 29 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:027\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2702\", \"CVE-2009-1687\", \"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1692\", \"CVE-2009-2537\", \"CVE-2009-0689\", \"CVE-2009-0945\");\n script_name(\"Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kdelibs4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs4-devel\", rpm:\"kdelibs4-devel~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkde3support4\", rpm:\"libkde3support4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkdecore5\", rpm:\"libkdecore5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkdefakes5\", rpm:\"libkdefakes5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkdesu5\", rpm:\"libkdesu5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkdeui5\", rpm:\"libkdeui5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkdnssd4\", rpm:\"libkdnssd4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkfile4\", rpm:\"libkfile4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkhtml5\", rpm:\"libkhtml5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkimproxy4\", rpm:\"libkimproxy4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkio5\", rpm:\"libkio5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkjs4\", rpm:\"libkjs4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkjsapi4\", rpm:\"libkjsapi4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkjsembed4\", rpm:\"libkjsembed4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkmediaplayer4\", rpm:\"libkmediaplayer4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libknewstuff2_4\", rpm:\"libknewstuff2_4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libknotifyconfig4\", rpm:\"libknotifyconfig4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkntlm4\", rpm:\"libkntlm4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkparts4\", rpm:\"libkparts4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkpty4\", rpm:\"libkpty4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrosscore4\", rpm:\"libkrosscore4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrossui4\", rpm:\"libkrossui4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libktexteditor4\", rpm:\"libktexteditor4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkunittest4\", rpm:\"libkunittest4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkutils4\", rpm:\"libkutils4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnepomuk4\", rpm:\"libnepomuk4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libplasma3\", rpm:\"libplasma3~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsolid4\", rpm:\"libsolid4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libthreadweaver4\", rpm:\"libthreadweaver4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kde3support4\", rpm:\"lib64kde3support4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kdecore5\", rpm:\"lib64kdecore5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kdefakes5\", rpm:\"lib64kdefakes5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kdesu5\", rpm:\"lib64kdesu5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kdeui5\", rpm:\"lib64kdeui5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kdnssd4\", rpm:\"lib64kdnssd4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kfile4\", rpm:\"lib64kfile4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64khtml5\", rpm:\"lib64khtml5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kimproxy4\", rpm:\"lib64kimproxy4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kio5\", rpm:\"lib64kio5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kjs4\", rpm:\"lib64kjs4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kjsapi4\", rpm:\"lib64kjsapi4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kjsembed4\", rpm:\"lib64kjsembed4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kmediaplayer4\", rpm:\"lib64kmediaplayer4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64knewstuff2_4\", rpm:\"lib64knewstuff2_4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64knotifyconfig4\", rpm:\"lib64knotifyconfig4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kntlm4\", rpm:\"lib64kntlm4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kparts4\", rpm:\"lib64kparts4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kpty4\", rpm:\"lib64kpty4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krosscore4\", rpm:\"lib64krosscore4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krossui4\", rpm:\"lib64krossui4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ktexteditor4\", rpm:\"lib64ktexteditor4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kunittest4\", rpm:\"lib64kunittest4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kutils4\", rpm:\"lib64kutils4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nepomuk4\", rpm:\"lib64nepomuk4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64plasma3\", rpm:\"lib64plasma3~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64solid4\", rpm:\"lib64solid4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64threadweaver4\", rpm:\"lib64threadweaver4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:53:59", "description": "Check for the Version of kdelibs4", "cvss3": {}, "published": "2010-01-29T00:00:00", "type": "openvas", "title": "Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2408", "CVE-2009-0945", "CVE-2009-1692", "CVE-2009-0689", "CVE-2009-1690", "CVE-2009-2537", "CVE-2009-1687", "CVE-2009-2702"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:1361412562310830846", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830846", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and corrected in kdelibs4:\n\n KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a\n \\'\\0\\' (NUL) character in a domain name in the Subject Alternative\n Name field of an X.509 certificate, which allows man-in-the-middle\n attackers to spoof arbitrary SSL servers via a crafted certificate\n issued by a legitimate Certification Authority, a related issue to\n CVE-2009-2408 (CVE-2009-2702).\n \n The JavaScript garbage collector in WebKit in Apple Safari before\n 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1\n through 2.2.1 does not properly handle allocation failures, which\n allows remote attackers to execute arbitrary code or cause a denial\n of service (memory corruption and application crash) via a crafted\n HTML document that triggers write access to an offset of a NULL\n pointer. (CVE-2009-1687).\n \n WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit\n (aka Qt toolkit), and possibly other products does not properly handle\n numeric character references, which allows remote attackers to execute\n arbitrary code or cause a denial of service (memory corruption and\n application crash) via a crafted HTML document (CVE-2009-1725).\n \n Use-after-free vulnerability in WebKit, as used in Apple Safari\n before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1\n through 2.2.1, Google Chrome 1.0.154.53, and possibly other products,\n allows remote attackers to execute arbitrary code or cause a denial\n of service (memory corruption and application crash) by setting an\n unspecified property of an HTML tag that causes child elements to\n be freed and later accessed when an HTML error occurs, related to\n recursion in certain DOM event handlers. (CVE-2009-1690).\n \n WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1,\n and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a\n pointer during handling of a Cascading Style Sheets (CSS) attr function\n call with a large numerical argument, which allows remote attackers to\n execute arbitrary code or cause a denial of service (memory corruption\n and application crash) via a crafted HTML document (CVE-2009-1698).\n \n KDE Konqueror allows remote attackers to cause a denial of service\n (memory consumption) via a large integer value for the length property\n of a Select object, a related issue to CVE-2009-1692 (CVE-2009-2537).\n \n The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in\n libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows\n context-dependent atta ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kdelibs4 on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-01/msg00077.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830846\");\n script_version(\"$Revision: 8296 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 08:28:01 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-29 14:09:25 +0100 (Fri, 29 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:027\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2702\", \"CVE-2009-1687\", \"CVE-2009-1725\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1692\", \"CVE-2009-2537\", \"CVE-2009-0689\", \"CVE-2009-0945\");\n script_name(\"Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kdelibs4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs4-devel\", rpm:\"kdelibs4-devel~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkde3support4\", rpm:\"libkde3support4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkdecore5\", rpm:\"libkdecore5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkdefakes5\", rpm:\"libkdefakes5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkdesu5\", rpm:\"libkdesu5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkdeui5\", rpm:\"libkdeui5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkdnssd4\", rpm:\"libkdnssd4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkfile4\", rpm:\"libkfile4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkhtml5\", rpm:\"libkhtml5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkimproxy4\", rpm:\"libkimproxy4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkio5\", rpm:\"libkio5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkjs4\", rpm:\"libkjs4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkjsapi4\", rpm:\"libkjsapi4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkjsembed4\", rpm:\"libkjsembed4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkmediaplayer4\", rpm:\"libkmediaplayer4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libknewstuff2_4\", rpm:\"libknewstuff2_4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libknotifyconfig4\", rpm:\"libknotifyconfig4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkntlm4\", rpm:\"libkntlm4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkparts4\", rpm:\"libkparts4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkpty4\", rpm:\"libkpty4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrosscore4\", rpm:\"libkrosscore4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrossui4\", rpm:\"libkrossui4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libktexteditor4\", rpm:\"libktexteditor4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkunittest4\", rpm:\"libkunittest4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkutils4\", rpm:\"libkutils4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnepomuk4\", rpm:\"libnepomuk4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libplasma3\", rpm:\"libplasma3~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsolid4\", rpm:\"libsolid4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libthreadweaver4\", rpm:\"libthreadweaver4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kde3support4\", rpm:\"lib64kde3support4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kdecore5\", rpm:\"lib64kdecore5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kdefakes5\", rpm:\"lib64kdefakes5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kdesu5\", rpm:\"lib64kdesu5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kdeui5\", rpm:\"lib64kdeui5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kdnssd4\", rpm:\"lib64kdnssd4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kfile4\", rpm:\"lib64kfile4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64khtml5\", rpm:\"lib64khtml5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kimproxy4\", rpm:\"lib64kimproxy4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kio5\", rpm:\"lib64kio5~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kjs4\", rpm:\"lib64kjs4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kjsapi4\", rpm:\"lib64kjsapi4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kjsembed4\", rpm:\"lib64kjsembed4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kmediaplayer4\", rpm:\"lib64kmediaplayer4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64knewstuff2_4\", rpm:\"lib64knewstuff2_4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64knotifyconfig4\", rpm:\"lib64knotifyconfig4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kntlm4\", rpm:\"lib64kntlm4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kparts4\", rpm:\"lib64kparts4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kpty4\", rpm:\"lib64kpty4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krosscore4\", rpm:\"lib64krosscore4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krossui4\", rpm:\"lib64krossui4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ktexteditor4\", rpm:\"lib64ktexteditor4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kunittest4\", rpm:\"lib64kunittest4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64kutils4\", rpm:\"lib64kutils4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nepomuk4\", rpm:\"lib64nepomuk4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64plasma3\", rpm:\"lib64plasma3~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64solid4\", rpm:\"lib64solid4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64threadweaver4\", rpm:\"lib64threadweaver4~4.2.4~0.8mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "cvss3": {}, "published": "2009-09-03T00:29:12", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: qt-4.5.2-3.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700"], "modified": "2009-09-03T00:29:12", "id": "FEDORA:3DC7510F888", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2TSBGLEIFAA7JJ2V5TGKENOTUO7XZQ7J/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "cvss3": {}, "published": "2009-11-14T03:31:02", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: qt-4.5.3-9.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "modified": "2009-11-14T03:31:02", "id": "FEDORA:6696510F844", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/M3TJZLBX6AMVTSCNACURCEPWUWIT55DM/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "cvss3": {}, "published": "2009-11-14T03:33:40", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: qt-4.5.3-9.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "modified": "2009-11-14T03:33:40", "id": "FEDORA:449DA10F83E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OIDJAVVCOME7HBXFNKA4P2RHKZ5OKPH5/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "cvss3": {}, "published": "2009-08-20T21:00:54", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: qt-4.5.2-2.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1725"], "modified": "2009-08-20T21:00:54", "id": "FEDORA:9D37810F855", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/J2WBPMPRDGJMJBJFL6YOJNSIIRQ5BDJN/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "cvss3": {}, "published": "2009-08-20T21:01:34", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: qt-4.5.2-2.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1725"], "modified": "2009-08-20T21:01:34", "id": "FEDORA:78C0E10F895", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PPCJJ3ZCUQLLAVGOX6PVBQ2A7EUWFBWP/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "cvss3": {}, "published": "2010-05-15T20:33:47", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: qt-4.6.2-17.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2010-0046", "CVE-2010-0047", "CVE-2010-0048", "CVE-2010-0049", "CVE-2010-0050", "CVE-2010-0051", "CVE-2010-0052", "CVE-2010-0053", "CVE-2010-0054", "CVE-2010-0648", "CVE-2010-0656"], "modified": "2010-05-15T20:33:47", "id": "FEDORA:45C391112CE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MFLKWMMI5HQRHRFZBHYOGGEO22FB6EWJ/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Libraries for the K Desktop Environment 3: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). ", "cvss3": {}, "published": "2009-07-28T18:28:27", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: kdelibs3-3.5.10-13.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537"], "modified": "2009-07-28T18:28:27", "id": "FEDORA:9E03610F897", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/33WZ47AZSQMGLIQBHNLIWJOYGUNU77CT/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Libraries for the K Desktop Environment 3: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). ", "cvss3": {}, "published": "2009-07-28T18:27:35", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: kdelibs3-3.5.10-13.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537"], "modified": "2009-07-28T18:27:35", "id": "FEDORA:AEA3210F89D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GQRMDDHUS5VLFMPZPMMJWMW7VDHPILXG/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Libraries for the K Desktop Environment 4. ", "cvss3": {}, "published": "2009-09-15T07:39:23", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: kdelibs-4.3.1-3.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1687", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-2702"], "modified": "2009-09-15T07:39:23", "id": "FEDORA:87F2E10F898", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QQU7RT4T4LPGWHKCK435MTIURHI4TC5Q/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Libraries for the K Desktop Environment 4. ", "cvss3": {}, "published": "2009-09-15T07:41:19", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: kdelibs-4.3.1-3.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1687", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-2702"], "modified": "2009-09-15T07:41:19", "id": "FEDORA:EBE7F10F89B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PWCF2OWITA2YHGYVZMAXGRYDJMPCY5ZT/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Libraries for the K Desktop Environment 4. ", "cvss3": {}, "published": "2009-07-28T18:23:23", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: kdelibs-4.2.4-6.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0945", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537"], "modified": "2009-07-28T18:23:23", "id": "FEDORA:DE58C10F88F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OYPDAKF6GMXVC6B35FY3IYYC24VYK27F/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Libraries for the K Desktop Environment 4. ", "cvss3": {}, "published": "2009-07-28T18:26:55", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: kdelibs-4.2.4-6.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0945", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537"], "modified": "2009-07-28T18:26:55", "id": "FEDORA:3638D10F89F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NT5SSFDLRAPOIEQXLWWLGSKMGDF7HEGP/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Libraries for the K Desktop Environment 3: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). ", "cvss3": {}, "published": "2009-09-09T01:49:04", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: kdelibs3-3.5.10-13.fc11.1", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-2702"], "modified": "2009-09-09T01:49:04", "id": "FEDORA:BA9DC10F894", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3PJCKCXHMJGWLY3VSM7NFBPRXB6NSHGY/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Libraries for the K Desktop Environment 3: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). ", "cvss3": {}, "published": "2009-09-09T01:50:21", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: kdelibs3-3.5.10-13.fc10.1", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-2702"], "modified": "2009-09-09T01:50:21", "id": "FEDORA:C28DA10F8AB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PNVVKZAC2KNAUQ65WDFTKKSZDXOHBH2R/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Libraries for KDE 4. ", "cvss3": {}, "published": "2010-04-16T23:53:19", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: kdelibs-4.4.2-2.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1687", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-2702", "CVE-2010-0436"], "modified": "2010-04-16T23:53:19", "id": "FEDORA:7548628999", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LEHTOPLPPMFB3DAEKRJDWIFQ2SVF4MS7/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Libraries for KDE 4. ", "cvss3": {}, "published": "2010-05-26T21:45:22", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: kdelibs-4.4.3-2.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1687", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-2702", "CVE-2010-1000", "CVE-2010-1511"], "modified": "2010-05-26T21:45:22", "id": "FEDORA:92578111707", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IYJQDK6572ROZYWSUY3T7OSEA5C6BGHA/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T19:10:32", "description": "certificate spoofing with &#92;0 symbol in domain name.", "edition": 2, "cvss3": {}, "published": "2009-09-09T00:00:00", "title": "Nokia Trolltech Qt4 SSL certificate spoofing", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2009-09-09T00:00:00", "id": "SECURITYVULNS:VULN:10216", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10216", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:31", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2009:225\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : qt4\r\n Date : September 8, 2009\r\n Affected: 2009.0, 2009.1, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in qt4:\r\n \r\n src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x\r\n does not properly handle a &#39;&#92;0&#39; character in a domain name in the\r\n Subject Alternative Name field of an X.509 certificate, which allows\r\n man-in-the-middle attackers to spoof arbitrary SSL servers via a\r\n crafted certificate issued by a legitimate Certification Authority,\r\n a related issue to CVE-2009-2408 &#40;CVE-2009-2700&#41;.\r\n \r\n This update provides a solution to this vulnerability.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.0:\r\n 8f0b2b07978ce4e9eb86291935b2259c 2009.0/i586/libqassistant4-4.5.2-1.6mdv2009.0.i586.rpm\r\n e2403dcda9f123b545188aef00cb2114 2009.0/i586/libqt3support4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 51288fb907cc947b3cadd9ab2e33b75b 2009.0/i586/libqt4-devel-4.5.2-1.6mdv2009.0.i586.rpm\r\n 302a8f93453e5d53d7c8a2df82029ffc 2009.0/i586/libqtclucene4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 616c5e49341e9a09d0e8ebe84e02e1cc 2009.0/i586/libqtcore4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 3c83783b3bce0ef1d4272fea4b2b8b63 2009.0/i586/libqtdbus4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 0a5e1e53937d3e283d7a3d4227850e35 2009.0/i586/libqtdesigner4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 33ce1ee1c1cde616895ecef850720000 2009.0/i586/libqtgui4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 94e8c96fbc41bb125a1e3104f552f267 2009.0/i586/libqthelp4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 1370e9cbbdffd1763ac8740fb31505bd 2009.0/i586/libqtnetwork4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 1699327bbe2cf4bef5c9dedb155c3c36 2009.0/i586/libqtopengl4-4.5.2-1.6mdv2009.0.i586.rpm\r\n ca924316c1e18ad29bdf37f392883f1c 2009.0/i586/libqtscript4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 8fd952c8be0760d7918e6e5693ba32a7 2009.0/i586/libqtscripttools4-4.5.2-1.6mdv2009.0.i586.rpm\r\n afc2b34155609ac2f390446f7f5bc45b 2009.0/i586/libqtsql4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 345e293c4771e249679801aa750397ca 2009.0/i586/libqtsvg4-4.5.2-1.6mdv2009.0.i586.rpm\r\n b0e143930f2da815b3fcae1c73a1a70c 2009.0/i586/libqttest4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 2c7474fd309e67fe682e44576b527e0c 2009.0/i586/libqtwebkit4-4.5.2-1.6mdv2009.0.i586.rpm\r\n b19c8107575a0818ecbe19dae9028ef0 2009.0/i586/libqtxml4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 1540b82f62f29d8e9f46df23e5b7f786 2009.0/i586/libqtxmlpatterns4-4.5.2-1.6mdv2009.0.i586.rpm\r\n a243614d06b6aa0aec46b6263bdde420 2009.0/i586/qt4-accessibility-plugin-4.5.2-1.6mdv2009.0.i586.rpm\r\n 11c894ba3a91e7c2e1ebc0c194c9aaae 2009.0/i586/qt4-assistant-4.5.2-1.6mdv2009.0.i586.rpm\r\n 40a9530b2ed55545036ee30ce5109069 2009.0/i586/qt4-common-4.5.2-1.6mdv2009.0.i586.rpm\r\n 28fd5f52ebd0f1b47975aaabc6a69ea1 2009.0/i586/qt4-database-plugin-mysql-4.5.2-1.6mdv2009.0.i586.rpm\r\n 6e315a67b9e061027b7ec252cfb2085b 2009.0/i586/qt4-database-plugin-odbc-4.5.2-1.6mdv2009.0.i586.rpm\r\n 80e679cde6b34b8ba063cf0d36b198eb 2009.0/i586/qt4-database-plugin-pgsql-4.5.2-1.6mdv2009.0.i586.rpm\r\n b613b53004865d81b54f7c11a403a529 2009.0/i586/qt4-database-plugin-sqlite-4.5.2-1.6mdv2009.0.i586.rpm\r\n f97d447b97bfd68d59d0eb28064f7213 2009.0/i586/qt4-database-plugin-tds-4.5.2-1.6mdv2009.0.i586.rpm\r\n c9c9e0a3230ba751c7eebeacc44d906d 2009.0/i586/qt4-designer-4.5.2-1.6mdv2009.0.i586.rpm\r\n cf2435679fa0066b6ae95a4dad6c0fda 2009.0/i586/qt4-doc-4.5.2-1.6mdv2009.0.i586.rpm\r\n 933137e640637b6fa7ea5b5a6257a9ca 2009.0/i586/qt4-examples-4.5.2-1.6mdv2009.0.i586.rpm\r\n 6e080be6a767a58323c845521d8eef9a 2009.0/i586/qt4-graphicssystems-plugin-4.5.2-1.6mdv2009.0.i586.rpm\r\n 70f84dbe081843b0fa9c4b07b517b7a8 2009.0/i586/qt4-linguist-4.5.2-1.6mdv2009.0.i586.rpm\r\n 8082bc18d3183654f64c0bba0933de93 2009.0/i586/qt4-qdoc3-4.5.2-1.6mdv2009.0.i586.rpm\r\n b77fb9a4915ee16eb07a2c7a82069a7a 2009.0/i586/qt4-qtconfig-4.5.2-1.6mdv2009.0.i586.rpm\r\n b2b4fb545fcaf96de26ea8618f507eb9 2009.0/i586/qt4-qtdbus-4.5.2-1.6mdv2009.0.i586.rpm\r\n ca7d917f2442e9ff1665b224e834d9e2 2009.0/i586/qt4-qvfb-4.5.2-1.6mdv2009.0.i586.rpm\r\n 840c3cd230194546f0277fb0314fe31b 2009.0/i586/qt4-xmlpatterns-4.5.2-1.6mdv2009.0.i586.rpm \r\n e7d70d53a8a870ba2b938c754dc58379 2009.0/SRPMS/qt4-4.5.2-1.6mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n f9ceffb25a3dd3e2fff7520eb024b413 2009.0/x86_64/lib64qassistant4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n ff62476ae9bc5124c3b77ccd6b8e4dfb 2009.0/x86_64/lib64qt3support4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n e05a185eae6d1155404ebdca47228298 2009.0/x86_64/lib64qt4-devel-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 34f026834954176924b8ceaa07402d94 2009.0/x86_64/lib64qtclucene4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 3417707e32fd86d56e3eddb11cc8adfc 2009.0/x86_64/lib64qtcore4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n f73849389ac56f6aeba0a99b51f78bd1 2009.0/x86_64/lib64qtdbus4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n a98754a5f9162f3dbf6ae02b3a4fc326 2009.0/x86_64/lib64qtdesigner4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 49833997afdfb052f8bb433f7414b759 2009.0/x86_64/lib64qtgui4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 474c0f0f7f1482fb97224426a83cbca0 2009.0/x86_64/lib64qthelp4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n a88ccb8f38dc94d9285f7c1ba1f59abb 2009.0/x86_64/lib64qtnetwork4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n d5c2fd9e3505e1176ad330fcc7b69c7a 2009.0/x86_64/lib64qtopengl4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 0de7a8ace4b49919ac0ccc8c5e8d332f 2009.0/x86_64/lib64qtscript4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 7ce2aba490bd9f7520fbdb25dbe5b2ca 2009.0/x86_64/lib64qtscripttools4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 4334eb5e253f3fdd5e1dd9d993711078 2009.0/x86_64/lib64qtsql4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 94684fb18dd38cf1d3f2a0c3d2350b4a 2009.0/x86_64/lib64qtsvg4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 49c34a46d085d4eab5915cfb01c0b0c6 2009.0/x86_64/lib64qttest4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n e3a49c9ac1c0fb5be354d40b151cef8f 2009.0/x86_64/lib64qtwebkit4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 9edb5e5d6bfbe11f4da5267426555982 2009.0/x86_64/lib64qtxml4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 788f9e76148b2d8b6aab85c180c9ef2a 2009.0/x86_64/lib64qtxmlpatterns4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 69b48fbeee815b383073f03363e34a0a \r\n2009.0/x86_64/qt4-accessibility-plugin-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 32142e9e15fc02141839f6e145285543 2009.0/x86_64/qt4-assistant-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 150e2512211462927f33247184f11e7e 2009.0/x86_64/qt4-common-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n e5a17b66d70cc77dcbe8364da87269b9 \r\n2009.0/x86_64/qt4-database-plugin-mysql-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 7cc2aa658afa85304b3a4c4312e20ad6 \r\n2009.0/x86_64/qt4-database-plugin-odbc-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n ce73ffa95481ae312e4274d1976e2e7e \r\n2009.0/x86_64/qt4-database-plugin-pgsql-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n d1321f0a1c177b84d06e158eac15a435 \r\n2009.0/x86_64/qt4-database-plugin-sqlite-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n b49fc0f5a0da1c9b539bba4d2df07005 \r\n2009.0/x86_64/qt4-database-plugin-tds-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 1c16661643343b9b3b2ddd3e44b4b707 2009.0/x86_64/qt4-designer-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 373a3af8447e53de328fd5cc5876988d 2009.0/x86_64/qt4-doc-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 59cb1a04ecfbdd1aeff294d9663ba900 2009.0/x86_64/qt4-examples-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 9f8cc6a94247dfc0abf80bb10307c3e8 \r\n2009.0/x86_64/qt4-graphicssystems-plugin-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n cb45f4b26814ea8b3ab6181a50c72f22 2009.0/x86_64/qt4-linguist-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n e13be65ed2912ebb064c86d9aa55c4f0 2009.0/x86_64/qt4-qdoc3-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 6833ef669f7448ee47e4f399ed5e8c0b 2009.0/x86_64/qt4-qtconfig-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 71029609bd89ac503875cfb7c70ffb45 2009.0/x86_64/qt4-qtdbus-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 84701ed7926e276a4f960432e3b376c6 2009.0/x86_64/qt4-qvfb-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n d8188e6b55ee4477558bcf37aa348b22 2009.0/x86_64/qt4-xmlpatterns-4.5.2-1.6mdv2009.0.x86_64.rpm \r\n e7d70d53a8a870ba2b938c754dc58379 2009.0/SRPMS/qt4-4.5.2-1.6mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.1:\r\n 2e2ab90686768ad3332604dfee629e93 2009.1/i586/libqassistant4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 8535d83b511c66a59c9152995afacbf4 2009.1/i586/libqt3support4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 61dd3bcdef9e0250d5a8a3e8a75a7b1b 2009.1/i586/libqt4-devel-4.5.2-1.4mdv2009.1.i586.rpm\r\n 297c603db7184971d533c3edc0e4314c 2009.1/i586/libqtclucene4-4.5.2-1.4mdv2009.1.i586.rpm\r\n f7043105bc3bf97166a9e5898f41cee0 2009.1/i586/libqtcore4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 1ecae69d52815b033c973a8f55fff26f 2009.1/i586/libqtdbus4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 14bd0c6ebdc10c9208968246d3ddc8e1 2009.1/i586/libqtdesigner4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 0366ccc7475139e96622ebc20e09a645 2009.1/i586/libqtgui4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 31a16c4dae404ef7e06fde024e96b2e6 2009.1/i586/libqthelp4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 5ada32f6e70d288fe179b1ab42d4a398 2009.1/i586/libqtnetwork4-4.5.2-1.4mdv2009.1.i586.rpm\r\n b04f16a4b050d460413cbd76d98eed48 2009.1/i586/libqtopengl4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 7baa68c4abc646c76a2d3ae5bca141b4 2009.1/i586/libqtscript4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 7985c1a4a878a723ad2ebfb6241f60b2 2009.1/i586/libqtscripttools4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 58eeda1ce05925c0b3cab904db3f25a7 2009.1/i586/libqtsql4-4.5.2-1.4mdv2009.1.i586.rpm\r\n d99e31623b92731a5cb8523c6294b26f 2009.1/i586/libqtsvg4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 8530af45ed10f1f3ab0c0134d6162089 2009.1/i586/libqttest4-4.5.2-1.4mdv2009.1.i586.rpm\r\n bc7276c87cc3e820092220a165fd712c 2009.1/i586/libqtwebkit4-4.5.2-1.4mdv2009.1.i586.rpm\r\n d8d1672097abf788e33839b052502db7 2009.1/i586/libqtxml4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 60f2b738a748c9a6940d170fe3d55fbd 2009.1/i586/libqtxmlpatterns4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 707148f3de734413d332f15834befab1 2009.1/i586/qt4-accessibility-plugin-4.5.2-1.4mdv2009.1.i586.rpm\r\n 1030cc7be0bd49c2fdbc4f504a4cfc34 2009.1/i586/qt4-assistant-4.5.2-1.4mdv2009.1.i586.rpm\r\n ba55040d9da2653c2cd874cc310deacd 2009.1/i586/qt4-common-4.5.2-1.4mdv2009.1.i586.rpm\r\n 1c16bc98468323b4325b5c2a7246b5fa 2009.1/i586/qt4-database-plugin-mysql-4.5.2-1.4mdv2009.1.i586.rpm\r\n 4893d62ce7c8fab073986df4044a9104 2009.1/i586/qt4-database-plugin-odbc-4.5.2-1.4mdv2009.1.i586.rpm\r\n c5fdd4a8a13263f207e093578ed7b04f 2009.1/i586/qt4-database-plugin-pgsql-4.5.2-1.4mdv2009.1.i586.rpm\r\n 259be796e5410d370c4de6eaa5fbd8f2 2009.1/i586/qt4-database-plugin-sqlite-4.5.2-1.4mdv2009.1.i586.rpm\r\n 36572044c13cc085969d7613c476984d 2009.1/i586/qt4-database-plugin-tds-4.5.2-1.4mdv2009.1.i586.rpm\r\n b3efeae677ee698460c262eeb89155e1 2009.1/i586/qt4-designer-4.5.2-1.4mdv2009.1.i586.rpm\r\n f6abc26faf180e0f01471183e9eb1360 2009.1/i586/qt4-doc-4.5.2-1.4mdv2009.1.i586.rpm\r\n 85d63d0a1d807733cec89b44b8726b6c 2009.1/i586/qt4-examples-4.5.2-1.4mdv2009.1.i586.rpm\r\n d861c9c37090a5dc54a8b9f47bcd85e9 2009.1/i586/qt4-graphicssystems-plugin-4.5.2-1.4mdv2009.1.i586.rpm\r\n fa8be490f70fbdbcabcaa5dcd8fbe8e6 2009.1/i586/qt4-linguist-4.5.2-1.4mdv2009.1.i586.rpm\r\n 611e52f298cbd663d4817471d5ec6649 2009.1/i586/qt4-qdoc3-4.5.2-1.4mdv2009.1.i586.rpm\r\n 376e4a78a53a6d19aec23cc6fe4d02e6 2009.1/i586/qt4-qtconfig-4.5.2-1.4mdv2009.1.i586.rpm\r\n f544cfb1ae089a636d326c1a16d49a8b 2009.1/i586/qt4-qtdbus-4.5.2-1.4mdv2009.1.i586.rpm\r\n 4d5426eea7ff3b5d9d482e8e0564e259 2009.1/i586/qt4-qvfb-4.5.2-1.4mdv2009.1.i586.rpm\r\n b36c895e5b1a142c80ba069deca27326 2009.1/i586/qt4-xmlpatterns-4.5.2-1.4mdv2009.1.i586.rpm \r\n ba2b427b637644c9e2ae052e440db3ca 2009.1/SRPMS/qt4-4.5.2-1.4mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n 309cb9e93730dac6e68c2aceedca6228 2009.1/x86_64/lib64qassistant4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 50251a9f53d698bd4ec409482fceece6 2009.1/x86_64/lib64qt3support4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n c75df0fbfc405667184efe4914d6700e 2009.1/x86_64/lib64qt4-devel-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n d4747541bf506775a4b3dad05752ed89 2009.1/x86_64/lib64qtclucene4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 0fbf6ba9b02e6f0443b3f339d7cf88be 2009.1/x86_64/lib64qtcore4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 2702f5810e04d265fc32f34acf9f7a2b 2009.1/x86_64/lib64qtdbus4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 5b28ffd5773a937eef1475f8a7830dc6 2009.1/x86_64/lib64qtdesigner4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 05fc9bdb0a43260b0abc2cd11fd110ef 2009.1/x86_64/lib64qtgui4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 37416362357074d38f7f65e185cc1f2c 2009.1/x86_64/lib64qthelp4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 141d620b08d76178b97e6b23d817da89 2009.1/x86_64/lib64qtnetwork4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 5f1cbb6f37664d6796bd481bdbb68c6c 2009.1/x86_64/lib64qtopengl4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 0a253e802e32372098197cf61a73c47f 2009.1/x86_64/lib64qtscript4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n e771cdd2158872e3fc67f614ca761df5 2009.1/x86_64/lib64qtscripttools4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 71cf257490930dbab7e318dd4895ba65 2009.1/x86_64/lib64qtsql4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n f9f399a96211e86abc99b60a34646c27 2009.1/x86_64/lib64qtsvg4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n cbf1ad93a0ba4b08d19a4c5387247c6c 2009.1/x86_64/lib64qttest4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 496e439949045d6406ad6ed112dc9ad9 2009.1/x86_64/lib64qtwebkit4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 25ef7ae8fc7bcb0875046347abddaf2e 2009.1/x86_64/lib64qtxml4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n a2d002a440b4bd33cc05592ea3a48d4c 2009.1/x86_64/lib64qtxmlpatterns4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 0611975777f48a60525af58fc87572cd \r\n2009.1/x86_64/qt4-accessibility-plugin-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 0ef334dda35fa8a9382e25889496bf04 2009.1/x86_64/qt4-assistant-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 79d0a99a5a61c63fc41bf08654bb0e41 2009.1/x86_64/qt4-common-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n ea0f80e65d83db575f4e326bd5701c77 \r\n2009.1/x86_64/qt4-database-plugin-mysql-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 6d248fade8ffedfd4d445baae775c942 \r\n2009.1/x86_64/qt4-database-plugin-odbc-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n d166e598090bb0c51bb784f2c36c37d3 \r\n2009.1/x86_64/qt4-database-plugin-pgsql-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 2fb0b42d4db487a853a387a0436250b1 \r\n2009.1/x86_64/qt4-database-plugin-sqlite-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n a2b30140d156c30a2b51859dfdcb6058 \r\n2009.1/x86_64/qt4-database-plugin-tds-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 123582d5b2797db92c92de4b3035b2a3 2009.1/x86_64/qt4-designer-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n a6acdd2d2cf72450cbfafbdcce8de14b 2009.1/x86_64/qt4-doc-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n f91e7ac39ff8ceac3e388e8c0e0092bb 2009.1/x86_64/qt4-examples-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 47cb7db983032b0b1bc99b9076b1e2a6 \r\n2009.1/x86_64/qt4-graphicssystems-plugin-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n e4a95559aff6f3040e9cf70a21571c0c 2009.1/x86_64/qt4-linguist-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 31769c7e3a9114ad2baa0ec2ecc51ec7 2009.1/x86_64/qt4-qdoc3-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 803a5567c991b9b4d1d393faa99ce4f9 2009.1/x86_64/qt4-qtconfig-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n e0932731675cade4d8af28f73076cb66 2009.1/x86_64/qt4-qtdbus-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 80a1e75207a94459f7a5d170e039040f 2009.1/x86_64/qt4-qvfb-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 74353dc01bda76eac82e627d3bd4394f 2009.1/x86_64/qt4-xmlpatterns-4.5.2-1.4mdv2009.1.x86_64.rpm \r\n ba2b427b637644c9e2ae052e440db3ca 2009.1/SRPMS/qt4-4.5.2-1.4mdv2009.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 6dab5b4352861791d2e9c66844e8f7cc mes5/i586/libqassistant4-4.4.3-1.1mdvmes5.i586.rpm\r\n 5b5f04166167f6b65bb09f1cdc4ff418 mes5/i586/libqt3support4-4.4.3-1.1mdvmes5.i586.rpm\r\n f8d7a36ceff46f2379a9405e174e7ef2 mes5/i586/libqt4-devel-4.4.3-1.1mdvmes5.i586.rpm\r\n 3e1cda13224d2eb90358948d6bfe0ca7 mes5/i586/libqtclucene4-4.4.3-1.1mdvmes5.i586.rpm\r\n 381b32c3d329709faeab69af54685426 mes5/i586/libqtcore4-4.4.3-1.1mdvmes5.i586.rpm\r\n 2068b07d29956817643d3a56dc22e8f6 mes5/i586/libqtdbus4-4.4.3-1.1mdvmes5.i586.rpm\r\n 143f967ce65bb0c2a93366c0aa7f72a6 mes5/i586/libqtdesigner4-4.4.3-1.1mdvmes5.i586.rpm\r\n d14b1405301030a42d13f177edb44d3f mes5/i586/libqtgui4-4.4.3-1.1mdvmes5.i586.rpm\r\n dadc72b3fcd68c0e9551ae08f8531533 mes5/i586/libqthelp4-4.4.3-1.1mdvmes5.i586.rpm\r\n a73d8530564ca8b1d44dbb1db5f65692 mes5/i586/libqtnetwork4-4.4.3-1.1mdvmes5.i586.rpm\r\n 08e560d95d4593ce0666a46557abb83a mes5/i586/libqtopengl4-4.4.3-1.1mdvmes5.i586.rpm\r\n e96273da78f150bef55286cb645c14f4 mes5/i586/libqtscript4-4.4.3-1.1mdvmes5.i586.rpm\r\n d01ed62e2ecd569ff8f063111d364422 mes5/i586/libqtsql4-4.4.3-1.1mdvmes5.i586.rpm\r\n 32933d8323bef2ed63a0893fc834c300 mes5/i586/libqtsvg4-4.4.3-1.1mdvmes5.i586.rpm\r\n 8a403e86299f148f522028898ecb8748 mes5/i586/libqttest4-4.4.3-1.1mdvmes5.i586.rpm\r\n 28121e2bb1edfd668af72eda7d6a7c0e mes5/i586/libqtwebkit4-4.4.3-1.1mdvmes5.i586.rpm\r\n 3564638af5cb81c575aa4cbf33385169 mes5/i586/libqtxml4-4.4.3-1.1mdvmes5.i586.rpm\r\n a1ac714f01d23f77e6806ef455162714 mes5/i586/libqtxmlpatterns4-4.4.3-1.1mdvmes5.i586.rpm\r\n 414ac53798e391740795c46bb8eb02b7 mes5/i586/qt4-accessibility-plugin-lib-4.4.3-1.1mdvmes5.i586.rpm\r\n f3fb1ba455217b4964b0a34c24a0da6b mes5/i586/qt4-assistant-4.4.3-1.1mdvmes5.i586.rpm\r\n 05227c7aa487f260eb4af4a72bf322b3 mes5/i586/qt4-common-4.4.3-1.1mdvmes5.i586.rpm\r\n 93a8c12b8c890dd6ac1e7acd1f125bac mes5/i586/qt4-database-plugin-mysql-lib-4.4.3-1.1mdvmes5.i586.rpm\r\n fbd40034720f238214813e582aa837d9 mes5/i586/qt4-database-plugin-odbc-lib-4.4.3-1.1mdvmes5.i586.rpm\r\n b5d563d9008dd85cc73b0c27ddc6fd9e mes5/i586/qt4-database-plugin-pgsql-lib-4.4.3-1.1mdvmes5.i586.rpm\r\n bf7d17080c5e228a39792bb0913a9253 mes5/i586/qt4-database-plugin-sqlite-lib-4.4.3-1.1mdvmes5.i586.rpm\r\n fdf84439ea6570d5730f5ebc8957b8d4 mes5/i586/qt4-designer-4.4.3-1.1mdvmes5.i586.rpm\r\n 0f758d6b30b5d83951193628ab870214 mes5/i586/qt4-doc-4.4.3-1.1mdvmes5.i586.rpm\r\n 0a0e034feb424384c692221d64472d90 mes5/i586/qt4-examples-4.4.3-1.1mdvmes5.i586.rpm\r\n 1ede5a58758447c3ac4debbf7c63b796 mes5/i586/qt4-linguist-4.4.3-1.1mdvmes5.i586.rpm\r\n a2cd930d1c7a3d63dd917ecabfeacbb7 mes5/i586/qt4-qtconfig-4.4.3-1.1mdvmes5.i586.rpm\r\n 486dfd1d8fcb5cf8cf4494528944305d mes5/i586/qt4-qtdbus-4.4.3-1.1mdvmes5.i586.rpm\r\n 70303d543e001142fb16d8f8c247cc85 mes5/i586/qt4-qvfb-4.4.3-1.1mdvmes5.i586.rpm\r\n a03bb20031295de711faf022052dc363 mes5/i586/qt4-xmlpatterns-4.4.3-1.1mdvmes5.i586.rpm \r\n 8e6542cfb9f71065cf2135143286905e mes5/SRPMS/qt4-4.4.3-1.1mdvmes5.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 51d1fb7d404b412c232463454f8fbbf9 mes5/x86_64/lib64qassistant4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 8d37e2870bd68f953f1a5ee0a69afaa1 mes5/x86_64/lib64qt3support4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 453f839e0367104c1ffed17533072488 mes5/x86_64/lib64qt4-devel-4.4.3-1.1mdvmes5.x86_64.rpm\r\n cc348afa0bd63d4d2f2d6ec9e59f2aca mes5/x86_64/lib64qtclucene4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n a84b47e7dc3f9f67c8f6ad43176c2370 mes5/x86_64/lib64qtcore4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n aead498329b43cfc1210f2a1ea608375 mes5/x86_64/lib64qtdbus4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n ee717732bda774e10cd3ca21f7936dea mes5/x86_64/lib64qtdesigner4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n f199108dcce669cb74a850b577e55a67 mes5/x86_64/lib64qtgui4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 100aa8902b8d88499772512d412d4a28 mes5/x86_64/lib64qthelp4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 719a91aa60cb7ad92c7ba21b1971e5c0 mes5/x86_64/lib64qtnetwork4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n b7a62f4e3e06381343d364dde342fa7a mes5/x86_64/lib64qtopengl4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n fd598160347f59354e4f915be6a8d442 mes5/x86_64/lib64qtscript4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 13cc8a9ae362634aaf1b6a965c892e70 mes5/x86_64/lib64qtsql4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n a9e1a49d36f0bdef47e30f37705c60d3 mes5/x86_64/lib64qtsvg4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 2aedb02ce51f8795ee4066c3794ee983 mes5/x86_64/lib64qttest4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 3b681e6c1aa6356f35dee66cddfe0bf9 mes5/x86_64/lib64qtwebkit4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 0b1606c177d245352b46185dab735887 mes5/x86_64/lib64qtxml4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 7ef7becb19b5944f89ef67a3bfca94e4 mes5/x86_64/lib64qtxmlpatterns4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 598723e3efa4851df97a671734899719 \r\nmes5/x86_64/qt4-accessibility-plugin-lib64-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 9bbfb3a3635228c1b2d033e3738efe60 mes5/x86_64/qt4-assistant-4.4.3-1.1mdvmes5.x86_64.rpm\r\n c8c4acf66f09afa84bc65c61582f0c8a mes5/x86_64/qt4-common-4.4.3-1.1mdvmes5.x86_64.rpm\r\n b9853a79c82f3acbf5d272d2a03f196e \r\nmes5/x86_64/qt4-database-plugin-mysql-lib64-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 49819189b126bee1b7ccd847ec51a583 \r\nmes5/x86_64/qt4-database-plugin-odbc-lib64-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 8203263572ccc75822aa505b80fdeba0 \r\nmes5/x86_64/qt4-database-plugin-pgsql-lib64-4.4.3-1.1mdvmes5.x86_64.rpm\r\n cf200cfa8ec444191cdd004781da7d84 \r\nmes5/x86_64/qt4-database-plugin-sqlite-lib64-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 383e8baae8301b06ef2539bf02741969 mes5/x86_64/qt4-designer-4.4.3-1.1mdvmes5.x86_64.rpm\r\n f10a7aec7d82ac20e89439350a6cdb77 mes5/x86_64/qt4-doc-4.4.3-1.1mdvmes5.x86_64.rpm\r\n c28a00e567bbf9cafdec4913c359ab23 mes5/x86_64/qt4-examples-4.4.3-1.1mdvmes5.x86_64.rpm\r\n acfe2e3ebc80d1c1bc1065ff166d4f7d mes5/x86_64/qt4-linguist-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 02c4bcc9514b8c77cc0357b62c5eabf1 mes5/x86_64/qt4-qtconfig-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 567322d54d96cef40ca8ae487180b194 mes5/x86_64/qt4-qtdbus-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 476f0e47ead448f0c1fa9622f830ede9 mes5/x86_64/qt4-qvfb-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 2d38f1e4dd2d4e008a44dc138edd1c60 mes5/x86_64/qt4-xmlpatterns-4.4.3-1.1mdvmes5.x86_64.rpm \r\n 8e6542cfb9f71065cf2135143286905e mes5/SRPMS/qt4-4.4.3-1.1mdvmes5.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFKplfBmqjQ0CJFipgRAtjyAJ46d0Cyi2XB9gCpUtAQUabOyVjTAgCffuGq\r\nBCaSemxCUSF0hiNsvtBeFw0=\r\n=bKvo\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2009-09-09T00:00:00", "title": "[ MDVSA-2009:225 ] qt4", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-2700", "CVE-2009-2408"], "modified": "2009-09-09T00:00:00", "id": "SECURITYVULNS:DOC:22430", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22430", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-08-19T13:02:44", "description": "This update fixes the handling of the subjectAltName field in SSL certificates. (CVE-2009-2700)", "cvss3": {"score": null, "vector": null}, "published": "2010-10-11T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Qt3 (ZYPP Patch Number 6645)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_DBUS-1-QT-6645.NASL", "href": "https://www.tenable.com/plugins/nessus/49844", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49844);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2700\");\n\n script_name(english:\"SuSE 10 Security Update : Qt3 (ZYPP Patch Number 6645)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2700.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6645.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"dbus-1-qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"qt-qt3support-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"qt-sql-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"qt-x11-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"dbus-1-qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"qt-qt3support-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"qt-sql-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"qt-x11-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"dbus-1-qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"qt-qt3support-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"qt-sql-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"qt-x11-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"dbus-1-qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"qt-qt3support-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"qt-sql-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"qt-x11-32bit-4.3.4-0.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:06:35", "description": "security fix for CVE-2009-2700\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-09-03T00:00:00", "type": "nessus", "title": "Fedora 10 : qt-4.5.2-3.fc10 (2009-9232)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:qt", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-9232.NASL", "href": "https://www.tenable.com/plugins/nessus/40856", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-9232.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40856);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2700\");\n script_xref(name:\"FEDORA\", value:\"2009-9232\");\n\n script_name(english:\"Fedora 10 : qt-4.5.2-3.fc10 (2009-9232)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix for CVE-2009-2700\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=520435\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-September/028709.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ff86ca9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"qt-4.5.2-3.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:06:05", "description": "This update fixes the handling of the subjectAltName field in SSL certificates. (CVE-2009-2700)", "cvss3": {"score": null, "vector": null}, "published": "2009-11-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Qt3 (ZYPP Patch Number 6644)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_DBUS-1-QT-6644.NASL", "href": "https://www.tenable.com/plugins/nessus/42794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42794);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2700\");\n\n script_name(english:\"SuSE 10 Security Update : Qt3 (ZYPP Patch Number 6644)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2700.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6644.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"dbus-1-qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"qt-qt3support-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"qt-sql-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"qt-x11-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"dbus-1-qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"qt-qt3support-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"qt-sql-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"qt-x11-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dbus-1-qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"qt-qt3support-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"qt-sql-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"qt-x11-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"dbus-1-qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"qt-qt3support-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"qt-sql-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"qt-x11-32bit-4.3.4-0.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:06:14", "description": "This update fixes the handling of the subjectAltName field in SSL certificates. (CVE-2009-2700)", "cvss3": {"score": null, "vector": null}, "published": "2009-11-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libqt4 (libqt4-1521)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libqt4", "p-cpe:/a:novell:opensuse:libqt4-32bit", "p-cpe:/a:novell:opensuse:libqt4-devel", "p-cpe:/a:novell:opensuse:libqt4-qt3support", "p-cpe:/a:novell:opensuse:libqt4-qt3support-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql", "p-cpe:/a:novell:opensuse:libqt4-sql-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-sqlite", "p-cpe:/a:novell:opensuse:libqt4-x11", "p-cpe:/a:novell:opensuse:libqt4-x11-32bit", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_LIBQT4-091106.NASL", "href": "https://www.tenable.com/plugins/nessus/42792", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libqt4-1521.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42792);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2700\");\n\n script_name(english:\"openSUSE Security Update : libqt4 (libqt4-1521)\");\n script_summary(english:\"Check for the libqt4-1521 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534081\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libqt4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-devel-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-qt3support-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-sql-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-sql-sqlite-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-x11-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libqt4-32bit-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.4.3-4.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt4\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:06:05", "description": "This update fixes the handling of the subjectAltName field in SSL certificates. (CVE-2009-2700)", "cvss3": {"score": null, "vector": null}, "published": "2009-11-13T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : libqt4 (SAT Patch Number 1522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libqt4", "p-cpe:/a:novell:suse_linux:11:libqt4-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-qt3support", "p-cpe:/a:novell:suse_linux:11:libqt4-qt3support-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-sql", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-x11", "p-cpe:/a:novell:suse_linux:11:libqt4-x11-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBQT4-091106.NASL", "href": "https://www.tenable.com/plugins/nessus/42793", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42793);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2700\");\n\n script_name(english:\"SuSE 11 Security Update : libqt4 (SAT Patch Number 1522)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2700.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1522.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-qt3support-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-x11-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libqt4-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libqt4-qt3support-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libqt4-sql-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libqt4-sql-sqlite-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libqt4-x11-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-qt3support-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-sql-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-sql-sqlite-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-sql-sqlite-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-x11-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libqt4-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libqt4-qt3support-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libqt4-sql-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libqt4-sql-sqlite-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libqt4-x11-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libqt4-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libqt4-qt3support-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libqt4-sql-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libqt4-x11-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.4.3-12.11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:06:40", "description": "It was discovered that Qt did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2009-2700).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-09-11T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 : qt4-x11 vulnerability (USN-829-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libqt4-assistant", "p-cpe:/a:canonical:ubuntu_linux:libqt4-core", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dbus", "p-cpe:/a:canonical:ubuntu_linux:libqt4-debug", "p-cpe:/a:canonical:ubuntu_linux:libqt4-designer", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dev", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dev-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-gui", "p-cpe:/a:canonical:ubuntu_linux:libqt4-help", "p-cpe:/a:canonical:ubuntu_linux:libqt4-network", "p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl", "p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl-dev", "p-cpe:/a:canonical:ubuntu_linux:libqt4-qt3support", "p-cpe:/a:canonical:ubuntu_linux:libqt4-script", "p-cpe:/a:canonical:ubuntu_linux:libqt4-scripttools", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-mysql", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-odbc", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-psql", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite2", "p-cpe:/a:canonical:ubuntu_linux:libqt4-svg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-test", "p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit", "p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-xml", "p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns", "p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqtcore4", "p-cpe:/a:canonical:ubuntu_linux:libqtgui4", "p-cpe:/a:canonical:ubuntu_linux:qt4-demos", "p-cpe:/a:canonical:ubuntu_linux:qt4-demos-dbg", "p-cpe:/a:canonical:ubuntu_linux:qt4-designer", "p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools", "p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools-dbg", "p-cpe:/a:canonical:ubuntu_linux:qt4-doc", "p-cpe:/a:canonical:ubuntu_linux:qt4-doc-html", "p-cpe:/a:canonical:ubuntu_linux:qt4-qmake", "p-cpe:/a:canonical:ubuntu_linux:qt4-qtconfig", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-829-1.NASL", "href": "https://www.tenable.com/plugins/nessus/40944", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-829-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40944);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-2700\");\n script_xref(name:\"USN\", value:\"829-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 : qt4-x11 vulnerability (USN-829-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Qt did not properly handle certificates with\nNULL characters in the Subject Alternative Name field of X.509\ncertificates. An attacker could exploit this to perform a man in the\nmiddle attack to view sensitive information or alter encrypted\ncommunications. (CVE-2009-2700).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/829-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dev-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-scripttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-psql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-svg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqtcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqtgui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-demos-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-qmake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-qtconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-core\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-debug\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-dev\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-gui\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-qt3support\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-sql\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"qt4-designer\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"qt4-dev-tools\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"qt4-doc\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"qt4-qtconfig\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-assistant\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-core\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-dbg\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-dbus\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-designer\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-dev\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-gui\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-help\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-network\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-opengl\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-opengl-dev\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-qt3support\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-script\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-mysql\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-odbc\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-psql\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-sqlite\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-sqlite2\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-svg\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-test\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-webkit\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-webkit-dbg\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-xml\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-xmlpatterns\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-xmlpatterns-dbg\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqtcore4\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqtgui4\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-demos\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-designer\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-dev-tools\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-doc\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-doc-html\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-qtconfig\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-assistant\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-core\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dbus\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-designer\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dev\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dev-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-gui\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-help\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-network\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-opengl\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-opengl-dev\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-qt3support\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-script\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-scripttools\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-mysql\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-odbc\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-psql\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-sqlite\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-sqlite2\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-svg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-test\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-webkit\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-webkit-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-xml\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-xmlpatterns\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-xmlpatterns-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqtcore4\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqtgui4\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-demos\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-demos-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-designer\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-dev-tools\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-dev-tools-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-doc\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-doc-html\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-qmake\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-qtconfig\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt4-assistant / libqt4-core / libqt4-dbg / libqt4-dbus / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:06:05", "description": "This update fixes the handling of the subjectAltName field in SSL certificates. (CVE-2009-2700)", "cvss3": {"score": null, "vector": null}, "published": "2009-11-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libqt4 (libqt4-1521)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libqt4", "p-cpe:/a:novell:opensuse:libqt4-32bit", "p-cpe:/a:novell:opensuse:libqt4-devel", "p-cpe:/a:novell:opensuse:libqt4-qt3support", "p-cpe:/a:novell:opensuse:libqt4-qt3support-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql", "p-cpe:/a:novell:opensuse:libqt4-sql-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-sqlite", "p-cpe:/a:novell:opensuse:libqt4-x11", "p-cpe:/a:novell:opensuse:libqt4-x11-32bit", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_LIBQT4-091106.NASL", "href": "https://www.tenable.com/plugins/nessus/42791", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libqt4-1521.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42791);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2700\");\n\n script_name(english:\"openSUSE Security Update : libqt4 (libqt4-1521)\");\n script_summary(english:\"Check for the libqt4-1521 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534081\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libqt4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-devel-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-qt3support-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-sql-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-sql-sqlite-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-x11-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libqt4-32bit-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.4.0-12.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt4\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:06:47", "description": "security fix for CVE-2009-2700\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-09-03T00:00:00", "type": "nessus", "title": "Fedora 11 : qt-4.5.2-3.fc11 (2009-9231)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2700"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:qt", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-9231.NASL", "href": "https://www.tenable.com/plugins/nessus/40855", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-9231.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40855);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2700\");\n script_xref(name:\"FEDORA\", value:\"2009-9231\");\n\n script_name(english:\"Fedora 11 : qt-4.5.2-3.fc11 (2009-9231)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix for CVE-2009-2700\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=520435\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-September/028708.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12e83811\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"qt-4.5.2-3.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:02:29", "description": "An invalid character reference causing a buffer overflow in khtml has been fixed in the kdelibs package. CVE-2009-1725 has been assigned to this issue.", "cvss3": {"score": null, "vector": null}, "published": "2010-12-09T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : kdelibs (SAT Patch Number 3450)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:kdelibs3", "p-cpe:/a:novell:suse_linux:11:kdelibs3-32bit", "p-cpe:/a:novell:suse_linux:11:kdelibs3-default-style", "p-cpe:/a:novell:suse_linux:11:kdelibs3-default-style-32bit", "p-cpe:/a:novell:suse_linux:11:kdelibs4", "p-cpe:/a:novell:suse_linux:11:kdelibs4-core", "p-cpe:/a:novell:suse_linux:11:libkde4", "p-cpe:/a:novell:suse_linux:11:libkde4-32bit", "p-cpe:/a:novell:suse_linux:11:libkdecore4", "p-cpe:/a:novell:suse_linux:11:libkdecore4-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_KDELIBS3-101103.NASL", "href": "https://www.tenable.com/plugins/nessus/51088", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51088);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1725\");\n\n script_name(english:\"SuSE 11 Security Update : kdelibs (SAT Patch Number 3450)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An invalid character reference causing a buffer overflow in khtml has\nbeen fixed in the kdelibs package. CVE-2009-1725 has been assigned to\nthis issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=512559\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=600469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1725.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 3450.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kdelibs3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kdelibs3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kdelibs3-default-style\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kdelibs3-default-style-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kdelibs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kdelibs4-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libkde4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libkde4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libkdecore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libkdecore4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kdelibs3-3.5.10-23.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kdelibs3-default-style-3.5.10-23.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kdelibs4-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kdelibs4-core-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libkde4-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libkdecore4-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kdelibs3-3.5.10-23.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kdelibs3-default-style-3.5.10-23.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kdelibs4-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kdelibs4-core-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libkde4-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libkdecore4-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kdelibs3-3.5.10-23.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kdelibs3-default-style-3.5.10-23.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kdelibs4-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kdelibs4-core-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libkde4-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libkdecore4-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"kdelibs3-32bit-3.5.10-23.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"kdelibs3-default-style-32bit-3.5.10-23.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libkde4-32bit-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libkdecore4-32bit-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kdelibs3-32bit-3.5.10-23.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kdelibs3-default-style-32bit-3.5.10-23.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libkde4-32bit-4.1.3-8.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libkdecore4-32bit-4.1.3-8.21.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:00", "description": "Qt's WebKit code did not properly handle numeric character references, which could allow remote attackers to cause a denial of service (memory corruption and application crash) via a crafted HTML document.\nAlso included is: * a fix for lib symlinks changing erroneously on upgrades * a fix for Copy and paste issues * added support for more x keycodes\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "Fedora 10 : qt-4.5.2-2.fc10 (2009-8802)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:qt", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-8802.NASL", "href": "https://www.tenable.com/plugins/nessus/40681", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-8802.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40681);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1725\");\n script_xref(name:\"FEDORA\", value:\"2009-8802\");\n\n script_name(english:\"Fedora 10 : qt-4.5.2-2.fc10 (2009-8802)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Qt's WebKit code did not properly handle numeric character references,\nwhich could allow remote attackers to cause a denial of service\n(memory corruption and application crash) via a crafted HTML document.\nAlso included is: * a fix for lib symlinks changing erroneously on\nupgrades * a fix for Copy and paste issues * added support for more x\nkeycodes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=513813\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-August/028203.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?27f76569\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"qt-4.5.2-2.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:06:55", "description": "Qt's WebKit code did not properly handle numeric character references, which could allow remote attackers to cause a denial of service (memory corruption and application crash) via a crafted HTML document.\nAlso included is: * a fix for lib symlinks changing erroneously on upgrades * a fix for Copy and paste issues * added support for more x keycodes\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "Fedora 11 : qt-4.5.2-2.fc11 (2009-8800)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:qt", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-8800.NASL", "href": "https://www.tenable.com/plugins/nessus/40680", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-8800.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40680);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1725\");\n script_xref(name:\"FEDORA\", value:\"2009-8800\");\n\n script_name(english:\"Fedora 11 : qt-4.5.2-2.fc11 (2009-8800)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Qt's WebKit code did not properly handle numeric character references,\nwhich could allow remote attackers to cause a denial of service\n(memory corruption and application crash) via a crafted HTML document.\nAlso included is: * a fix for lib symlinks changing erroneously on\nupgrades * a fix for Copy and paste issues * added support for more x\nkeycodes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=513813\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-August/028201.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e1e0fd2f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"qt-4.5.2-2.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:03", "description": "An invalid character reference causing a buffer overflow in khtml has been fixed in the kdelibs package. CVE-2009-1725 has been assigned to this issue.", "cvss3": {"score": null, "vector": null}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kdelibs4 (openSUSE-SU-2010:1036-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1725"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kdelibs4", "p-cpe:/a:novell:opensuse:kdelibs4-core", "p-cpe:/a:novell:opensuse:libkde4", "p-cpe:/a:novell:opensuse:libkde4-32bit", "p-cpe:/a:novell:opensuse:libkde4-devel", "p-cpe:/a:novell:opensuse:libkdecore4", "p-cpe:/a:novell:opensuse:libkdecore4-32bit", "p-cpe:/a:novell:opensuse:libkdecore4-devel", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_KDELIBS4-101103.NASL", "href": "https://www.tenable.com/plugins/nessus/53667", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kdelibs4-3451.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53667);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1725\");\n\n script_name(english:\"openSUSE Security Update : kdelibs4 (openSUSE-SU-2010:1036-1)\");\n script_summary(english:\"Check for the kdelibs4-3451 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An invalid character reference causing a buffer overflow in khtml has\nbeen fixed in the kdelibs package. CVE-2009-1725 has been assigned to\nthis issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=512559\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=600469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-12/msg00021.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdelibs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdelibs4-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkde4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkde4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkde4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkdecore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkdecore4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libkdecore4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kdelibs4-4.1.3-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kdelibs4-core-4.1.3-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libkde4-4.1.3-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libkde4-devel-4.1.3-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libkdecore4-4.1.3-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libkdecore4-devel-4.1.3-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libkde4-32bit-4.1.3-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libkdecore4-32bit-4.1.3-4.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:57:03", "description": "A vulnerability has been found and corrected in qt4 :\n\nsrc/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '&#0;' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2700).\n\nThis update provides a solution to this vulnerability.", "cvss3": {"score": null, "vector": null}, "published": "2009-09-09T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : qt4 (MDVSA-2009:225)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2408", "CVE-2009-2700"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64qassistant4", "p-cpe:/a:mandriva:linux:lib64qt3support4", "p-cpe:/a:mandriva:linux:lib64qt4-devel", "p-cpe:/a:mandriva:linux:lib64qtclucene4", "p-cpe:/a:mandriva:linux:lib64qtcore4", "p-cpe:/a:mandriva:linux:lib64qtdbus4", "p-cpe:/a:mandriva:linux:lib64qtdesigner4", "p-cpe:/a:mandriva:linux:lib64qtgui4", "p-cpe:/a:mandriva:linux:lib64qthelp4", "p-cpe:/a:mandriva:linux:lib64qtnetwork4", "p-cpe:/a:mandriva:linux:lib64qtopengl4", "p-cpe:/a:mandriva:linux:lib64qtscript4", "p-cpe:/a:mandriva:linux:lib64qtscripttools4", "p-cpe:/a:mandriva:linux:lib64qtsql4", "p-cpe:/a:mandriva:linux:lib64qtsvg4", "p-cpe:/a:mandriva:linux:lib64qttest4", "p-cpe:/a:mandriva:linux:lib64qtwebkit4", "p-cpe:/a:mandriva:linux:lib64qtxml4", "p-cpe:/a:mandriva:linux:lib64qtxmlpatterns4", "p-cpe:/a:mandriva:linux:libqassistant4", "p-cpe:/a:mandriva:linux:libqt3support4", "p-cpe:/a:mandriva:linux:libqt4-devel", "p-cpe:/a:mandriva:linux:libqtclucene4", "p-cpe:/a:mandriva:linux:libqtcore4", "p-cpe:/a:mandriva:linux:libqtdbus4", "p-cpe:/a:mandriva:linux:libqtdesigner4", "p-cpe:/a:mandriva:linux:libqtgui4", "p-cpe:/a:mandriva:linux:libqthelp4", "p-cpe:/a:mandriva:linux:libqtnetwork4", "p-cpe:/a:mandriva:linux:libqtopengl4", "p-cpe:/a:mandriva:linux:libqtscript4", "p-cpe:/a:mandriva:linux:libqtscripttools4", "p-cpe:/a:mandriva:linux:libqtsql4", "p-cpe:/a:mandriva:linux:libqtsvg4", "p-cpe:/a:mandriva:linux:libqttest4", "p-cpe:/a:mandriva:linux:libqtwebkit4", "p-cpe:/a:mandriva:linux:libqtxml4", "p-cpe:/a:mandriva:linux:libqtxmlpatterns4", "p-cpe:/a:mandriva:linux:qt4-accessibility-plugin", "p-cpe:/a:mandriva:linux:qt4-assistant", "p-cpe:/a:mandriva:linux:qt4-common", "p-cpe:/a:mandriva:linux:qt4-database-plugin-mysql", "p-cpe:/a:mandriva:linux:qt4-database-plugin-odbc", "p-cpe:/a:mandriva:linux:qt4-database-plugin-pgsql", "p-cpe:/a:mandriva:linux:qt4-database-plugin-sqlite", "p-cpe:/a:mandriva:linux:qt4-database-plugin-tds", "p-cpe:/a:mandriva:linux:qt4-designer", "p-cpe:/a:mandriva:linux:qt4-doc", "p-cpe:/a:mandriva:linux:qt4-examples", "p-cpe:/a:mandriva:linux:qt4-graphicssystems-plugin", "p-cpe:/a:mandriva:linux:qt4-linguist", "p-cpe:/a:mandriva:linux:qt4-qdoc3", "p-cpe:/a:mandriva:linux:qt4-qtconfig", "p-cpe:/a:mandriva:linux:qt4-qtdbus", "p-cpe:/a:mandriva:linux:qt4-qvfb", "p-cpe:/a:mandriva:linux:qt4-xmlpatterns", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2009.1"], "id": "MANDRIVA_MDVSA-2009-225.NASL", "href": "https://www.tenable.com/plugins/nessus/40900", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:225. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40900);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-2700\");\n script_xref(name:\"MDVSA\", value:\"2009:225\");\n\n script_name(english:\"Mandriva Linux Security Advisory : qt4 (MDVSA-2009:225)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in qt4 :\n\nsrc/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not\nproperly handle a '&#0;' character in a domain name in the Subject\nAlternative Name field of an X.509 certificate, which allows\nman-in-the-middle attackers to spoof arbitrary SSL servers via a\ncrafted certificate issued by a legitimate Certification Authority, a\nrelated issue to CVE-2009-2408 (CVE-2009-2700).\n\nThis update provides a solution to this vulnerability.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qassistant4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qt3support4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qt4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtclucene4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtdbus4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtdesigner4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtgui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qthelp4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtnetwork4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtopengl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtscript4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtscripttools4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtsql4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtsvg4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qttest4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtwebkit4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtxml4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtxmlpatterns4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqassistant4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqt3support4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqt4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtclucene4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtdbus4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtdesigner4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtgui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqthelp4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtnetwork4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtopengl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtscript4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtscripttools4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtsql4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtsvg4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqttest4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtwebkit4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtxml4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtxmlpatterns4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-accessibility-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-database-plugin-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-database-plugin-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-database-plugin-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-database-plugin-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-database-plugin-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-graphicssystems-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-linguist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-qdoc3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-qtconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-qtdbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-qvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-xmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qassistant4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qt3support4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qt4-devel-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtclucene4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtcore4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtdbus4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtdesigner4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtgui4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qthelp4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtnetwork4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtopengl4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtscript4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtscripttools4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtsql4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtsvg4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qttest4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtwebkit4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtxml4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtxmlpatterns4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqassistant4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqt3support4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqt4-devel-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtclucene4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtcore4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtdbus4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtdesigner4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtgui4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqthelp4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtnetwork4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtopengl4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtscript4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtscripttools4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtsql4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtsvg4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqttest4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtwebkit4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtxml4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtxmlpatterns4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-accessibility-plugin-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-assistant-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-common-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-database-plugin-mysql-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-database-plugin-odbc-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-database-plugin-pgsql-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-database-plugin-sqlite-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-database-plugin-tds-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-designer-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-doc-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-examples-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-graphicssystems-plugin-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-linguist-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-qdoc3-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-qtconfig-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-qtdbus-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-qvfb-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-xmlpatterns-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qassistant4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qt3support4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qt4-devel-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtclucene4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtcore4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtdbus4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtdesigner4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtgui4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qthelp4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtnetwork4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtopengl4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtscript4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtscripttools4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtsql4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtsvg4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qttest4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtwebkit4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtxml4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtxmlpatterns4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqassistant4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqt3support4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqt4-devel-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtclucene4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtcore4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtdbus4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtdesigner4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtgui4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqthelp4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtnetwork4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtopengl4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtscript4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtscripttools4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtsql4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtsvg4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqttest4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtwebkit4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtxml4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtxmlpatterns4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-accessibility-plugin-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-assistant-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-common-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-database-plugin-mysql-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-database-plugin-odbc-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-database-plugin-pgsql-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-database-plugin-sqlite-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-database-plugin-tds-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-designer-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-doc-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-examples-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-graphicssystems-plugin-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-linguist-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-qdoc3-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-qtconfig-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-qtdbus-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-qvfb-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-xmlpatterns-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:19:17", "description": "The version of Safari installed on the remote host is earlier than 4.0.2. Such versions are potentially affected by two issues : \n\n - A vulnerability in WebKit's handling of parent and top objects may allow for cross-site scripting attacks. (CVE-2009-1724)\n\n - A memory corruption in WebKit's handling of numeric character references could lead to a crash or arbitrary code execution. (CVE-2009-1725)", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2004-08-18T00:00:00", "type": "nessus", "title": "Safari < 4.0.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1724", "CVE-2009-1725"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "5094.PRM", "href": "https://www.tenable.com/plugins/nnm/5094", "sourceData": "Binary data 5094.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-18T14:10:47", "description": "The version of Apple Safari installed on the remote Mac OS X host is earlier than 4.0.2 As such, it is potentially affected by two issues :\n\n - A vulnerability in WebKit's handling of parent and top objects may allow for cross-site scripting attacks.\n (CVE-2009-1724)\n\n - A memory corruption issue in WebKit's handling of numeric character references could lead to a crash or arbitrary code execution. (CVE-2009-1725)", "cvss3": {"score": null, "vector": null}, "published": "2009-07-09T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 4.0.2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1724", "CVE-2009-1725"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI4_0_2.NASL", "href": "https://www.tenable.com/plugins/nessus/39768", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39768);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2009-1724\", \"CVE-2009-1725\");\n script_bugtraq_id(35441, 35607);\n\n script_name(english:\"Mac OS X : Apple Safari < 4.0.2\");\n script_summary(english:\"Check the Safari SourceVersion\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains a web browser that is affected by several\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nearlier than 4.0.2 As such, it is potentially affected by two issues :\n\n - A vulnerability in WebKit's handling of parent and top\n objects may allow for cross-site scripting attacks.\n (CVE-2009-1724)\n\n - A memory corruption issue in WebKit's handling of\n numeric character references could lead to a crash or\n arbitrary code execution. (CVE-2009-1725)\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT3666\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.securityfocus.com/advisories/17297\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple Safari 4.0.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(79, 189);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n \n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/uname\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nuname = get_kb_item_or_exit(\"Host/uname\");\nif (!egrep(pattern:\"Darwin.* (8\\.|9\\.([0-6]\\.|7\\.[01][^0-9]))\", string:uname)) audit(AUDIT_OS_NOT, \"Mac OS X 10.4 / 10.5\");\n\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"4.0.2\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n if (report_verbosity > 0)\n {\n report = \n '\\n Installed version : ' + version + \n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Safari\", version);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:24", "description": "The version of Safari installed on the remote Windows host is earlier than 4.0.2. Such versions are potentially affected by two issues :\n\n - A vulnerability in WebKit's handling of parent and top objects may allow for cross-site scripting attacks.\n (CVE-2009-1724)\n\n - A memory corruption issue in WebKit's handling of numeric character references could lead to a crash or arbitrary code execution. (CVE-2009-1725)", "cvss3": {"score": null, "vector": null}, "published": "2009-07-09T00:00:00", "type": "nessus", "title": "Safari < 4.0.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1724", "CVE-2009-1725"], "modified": "2018-07-27T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "SAFARI_4_0_2.NASL", "href": "https://www.tenable.com/plugins/nessus/39767", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(39767);\n script_version(\"1.12\");\n\n\n script_cve_id(\"CVE-2009-1724\", \"CVE-2009-1725\");\n script_bugtraq_id(35441, 35607);\n\n script_name(english:\"Safari < 4.0.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks Safari's version number\");\n\n script_set_attribute( attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by several\nvulnerabilities.\" );\n script_set_attribute( attribute:\"description\", value:\n\"The version of Safari installed on the remote Windows host is earlier\nthan 4.0.2. Such versions are potentially affected by two issues :\n\n - A vulnerability in WebKit's handling of parent and top\n objects may allow for cross-site scripting attacks.\n (CVE-2009-1724)\n\n - A memory corruption issue in WebKit's handling of\n numeric character references could lead to a crash or \n arbitrary code execution. (CVE-2009-1725)\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT3666\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.securityfocus.com/advisories/17297\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Safari 4.0.2 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(79, 189);\n script_set_attribute(\n attribute:\"patch_publication_date\", \n value:\"2009/07/08\"\n );\n script_set_attribute(\n attribute:\"plugin_publication_date\", \n value:\"2009/07/09\"\n );\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"safari_installed.nasl\");\n script_require_keys(\"SMB/Safari/FileVersion\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\n\n\npath = get_kb_item(\"SMB/Safari/Path\");\nversion = get_kb_item(\"SMB/Safari/FileVersion\");\nif (isnull(version)) exit(0);\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n ver[0] < 4 ||\n (\n ver[0] == 4 &&\n (\n ver[1] < 530 ||\n (\n ver[1] == 530 && \n (\n ver[2] < 19 ||\n (ver[2] == 19 && ver[3] < 1)\n )\n )\n )\n )\n)\n{\n if (report_verbosity > 0)\n {\n if (isnull(path)) path = \"n/a\";\n\n prod_version = get_kb_item(\"SMB/Safari/ProductVersion\");\n if (!isnull(prod_version)) version = prod_version;\n\n report = string(\n \"\\n\",\n \"Nessus collected the following information about the current install\\n\",\n \"of Safari on the remote host :\\n\",\n \"\\n\",\n \" Version : \", version, \"\\n\",\n \" Path : \", path, \"\\n\"\n );\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:24:40", "description": "Several vulnerabilities have been discovered in qt4-x11, a cross-platform C++ application framework. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-0945 Array index error in the insertItemBefore method in WebKit, as used in qt4-x11, allows remote attackers to execute arbitrary code.\n\n - CVE-2009-1687 The JavaScript garbage collector in WebKit, as used in qt4-x11 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an 'offset of a NULL pointer.\n\n - CVE-2009-1690 Use-after-free vulnerability in WebKit, as used in qt4-x11, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs.\n\n - CVE-2009-1698 WebKit in qt4-x11 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.\n\n - CVE-2009-1699 The XSL stylesheet implementation in WebKit, as used in qt4-x11 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD.\n\n - CVE-2009-1711 WebKit in qt4-x11 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.\n\n - CVE-2009-1712 WebKit in qt4-x11 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element.\n\n - CVE-2009-1713 The XSLT functionality in WebKit, as used in qt4-x11 does not properly implement the document function, which allows remote attackers to read arbitrary local files and files from different security zones.\n\n - CVE-2009-1725 WebKit in qt4-x11 does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.\n\n - CVE-2009-2700 qt4-x11 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.\n\nThe oldstable distribution (etch) is not affected by these problems.", "cvss3": {"score": null, "vector": null}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1988-1 : qt4-x11 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0945", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1699", "CVE-2009-1711", "CVE-2009-1712", "CVE-2009-1713", "CVE-2009-1725", "CVE-2009-2700"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:qt4-x11", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1988.NASL", "href": "https://www.tenable.com/plugins/nessus/44852", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1988. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44852);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1725\", \"CVE-2009-2700\");\n script_bugtraq_id(34924, 35271, 35309, 35318);\n script_xref(name:\"DSA\", value:\"1988\");\n\n script_name(english:\"Debian DSA-1988-1 : qt4-x11 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in qt4-x11, a\ncross-platform C++ application framework. The Common Vulnerabilities\nand Exposures project identifies the following problems :\n\n - CVE-2009-0945\n Array index error in the insertItemBefore method in\n WebKit, as used in qt4-x11, allows remote attackers to\n execute arbitrary code.\n\n - CVE-2009-1687\n The JavaScript garbage collector in WebKit, as used in\n qt4-x11 does not properly handle allocation failures,\n which allows remote attackers to execute arbitrary code\n or cause a denial of service (memory corruption and\n application crash) via a crafted HTML document that\n triggers write access to an 'offset of a NULL pointer.\n\n - CVE-2009-1690\n Use-after-free vulnerability in WebKit, as used in\n qt4-x11, allows remote attackers to execute arbitrary\n code or cause a denial of service (memory corruption and\n application crash) by setting an unspecified property of\n an HTML tag that causes child elements to be freed and\n later accessed when an HTML error occurs.\n\n - CVE-2009-1698\n WebKit in qt4-x11 does not initialize a pointer during\n handling of a Cascading Style Sheets (CSS) attr function\n call with a large numerical argument, which allows\n remote attackers to execute arbitrary code or cause a\n denial of service (memory corruption and application\n crash) via a crafted HTML document.\n\n - CVE-2009-1699\n The XSL stylesheet implementation in WebKit, as used in\n qt4-x11 does not properly handle XML external entities,\n which allows remote attackers to read arbitrary files\n via a crafted DTD.\n\n - CVE-2009-1711\n WebKit in qt4-x11 does not properly initialize memory\n for Attr DOM objects, which allows remote attackers to\n execute arbitrary code or cause a denial of service\n (application crash) via a crafted HTML document.\n\n - CVE-2009-1712\n WebKit in qt4-x11 does not prevent remote loading of\n local Java applets, which allows remote attackers to\n execute arbitrary code, gain privileges, or obtain\n sensitive information via an APPLET or OBJECT element.\n\n - CVE-2009-1713\n The XSLT functionality in WebKit, as used in qt4-x11\n does not properly implement the document function, which\n allows remote attackers to read arbitrary local files\n and files from different security zones.\n\n - CVE-2009-1725\n WebKit in qt4-x11 does not properly handle numeric\n character references, which allows remote attackers to\n execute arbitrary code or cause a denial of service\n (memory corruption and application crash) via a crafted\n HTML document.\n\n - CVE-2009-2700\n qt4-x11 does not properly handle a '\\0' character in a\n domain name in the Subject Alternative Name field of an\n X.509 certificate, which allows man-in-the-middle\n attackers to spoof arbitrary SSL servers via a crafted\n certificate issued by a legitimate Certification\n Authority.\n\nThe oldstable distribution (etch) is not affected by these problems.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532718\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545793\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1687\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1725\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-1988\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the qt4-x11 packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4.4.3-1+lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(94, 189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-assistant\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-core\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-dbg\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-dbus\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-designer\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-dev\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-gui\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-help\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-network\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-opengl\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-opengl-dev\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-qt3support\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-script\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-sql\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-sql-ibase\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-sql-mysql\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-sql-odbc\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-sql-psql\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-sql-sqlite\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-sql-sqlite2\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-svg\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-test\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-webkit\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-webkit-dbg\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-xml\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-xmlpatterns\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqt4-xmlpatterns-dbg\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqtcore4\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libqtgui4\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"qt4-demos\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"qt4-designer\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"qt4-dev-tools\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"qt4-doc\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"qt4-doc-html\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"qt4-qmake\", reference:\"4.4.3-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"qt4-qtconfig\", reference:\"4.4.3-1+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:40:00", "description": "An invalid character reference causing a buffer overflow in khtml has been fixed in the kdelibs package. CVE-2009-1725 has been assigned to this issue.", "cvss3": {"score": null, "vector": null}, "published": "2010-12-09T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : kdelibs (ZYPP Patch Number 7217)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KDELIBS3-7217.NASL", "href": "https://www.tenable.com/plugins/nessus/51089", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51089);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1725\");\n\n script_name(english:\"SuSE 10 Security Update : kdelibs (ZYPP Patch Number 7217)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An invalid character reference causing a buffer overflow in khtml has\nbeen fixed in the kdelibs package. CVE-2009-1725 has been assigned to\nthis issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1687.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1690.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1698.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1725.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7217.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"kdelibs3-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"kdelibs3-arts-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"kdelibs3-devel-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"kdelibs3-doc-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kdelibs3-32bit-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kdelibs3-arts-32bit-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"kdelibs3-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"kdelibs3-arts-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"kdelibs3-devel-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"kdelibs3-doc-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kdelibs3-32bit-3.5.1-49.55.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kdelibs3-arts-32bit-3.5.1-49.55.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:33:39", "description": "This update fixes several security issues in the KDE 3 compatibility version of KHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-2537) which may lead to a denial of service or potentially even arbitrary code execution. In addition, the package was fixed to build with the latest version of automake, and the following fixes and improvements were merged from the Fedora 11 package: * slight speedup to /etc/profile.d/kde.sh,\n\n - fixed unowned directories, * fixed harmless (as the file contents match) file conflicts with KDE 4.2.x, * fixed build with GCC 4.4 (but this package is built with Fedora 10's GCC 4.3.2), * moved Qt Designer plugins to the runtime package as they can be needed at runtime (e.g. by PyKDE programs), * kdelibs3-apidocs is now a noarch subpackage.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-07-29T00:00:00", "type": "nessus", "title": "Fedora 10 : kdelibs3-3.5.10-13.fc10 (2009-8020)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kdelibs3", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-8020.NASL", "href": "https://www.tenable.com/plugins/nessus/40411", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-8020.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40411);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1725\", \"CVE-2009-2537\");\n script_xref(name:\"FEDORA\", value:\"2009-8020\");\n\n script_name(english:\"Fedora 10 : kdelibs3-3.5.10-13.fc10 (2009-8020)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security issues in the KDE 3 compatibility\nversion of KHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687,\nCVE-2009-1698, CVE-2009-2537) which may lead to a denial of service or\npotentially even arbitrary code execution. In addition, the package\nwas fixed to build with the latest version of automake, and the\nfollowing fixes and improvements were merged from the Fedora 11\npackage: * slight speedup to /etc/profile.d/kde.sh,\n\n - fixed unowned directories, * fixed harmless (as the file\n contents match) file conflicts with KDE 4.2.x, * fixed\n build with GCC 4.4 (but this package is built with\n Fedora 10's GCC 4.3.2), * moved Qt Designer plugins to\n the runtime package as they can be needed at runtime\n (e.g. by PyKDE programs), * kdelibs3-apidocs is now a\n noarch subpackage.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=505571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506453\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=512911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=513813\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-July/027129.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1e57652b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"kdelibs3-3.5.10-13.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs3\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:32:53", "description": "This update fixes several security issues in the KDE 3 compatibility version of KHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-2537) which may lead to a denial of service or potentially even arbitrary code execution. In addition, the package was fixed to build with the latest version of automake.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-07-29T00:00:00", "type": "nessus", "title": "Fedora 11 : kdelibs3-3.5.10-13.fc11 (2009-8046)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kdelibs3", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-8046.NASL", "href": "https://www.tenable.com/plugins/nessus/40413", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-8046.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40413);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1725\", \"CVE-2009-2537\");\n script_xref(name:\"FEDORA\", value:\"2009-8046\");\n\n script_name(english:\"Fedora 11 : kdelibs3-3.5.10-13.fc11 (2009-8046)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security issues in the KDE 3 compatibility\nversion of KHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687,\nCVE-2009-1698, CVE-2009-2537) which may lead to a denial of service or\npotentially even arbitrary code execution. In addition, the package\nwas fixed to build with the latest version of automake.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=505571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506453\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=512911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=513813\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-July/027128.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b9057ca1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"kdelibs3-3.5.10-13.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs3\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:32:53", "description": "This update fixes several security issues in KHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-0945, CVE-2009-2537) which may lead to a denial of service or potentially even arbitrary code execution. In addition, libplasma was fixed to make Plasmaboard (a virtual keyboard applet) work, and a bug in a Fedora patch which made builds of the SRPM on single-CPU machines fail was fixed.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-07-29T00:00:00", "type": "nessus", "title": "Fedora 11 : kdelibs-4.2.4-6.fc11 (2009-8039)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0945", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kdelibs", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-8039.NASL", "href": "https://www.tenable.com/plugins/nessus/40412", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-8039.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40412);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1725\", \"CVE-2009-2537\");\n script_bugtraq_id(34924);\n script_xref(name:\"FEDORA\", value:\"2009-8039\");\n\n script_name(english:\"Fedora 11 : kdelibs-4.2.4-6.fc11 (2009-8039)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security issues in KHTML (CVE-2009-1725,\nCVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-0945,\nCVE-2009-2537) which may lead to a denial of service or potentially\neven arbitrary code execution. In addition, libplasma was fixed to\nmake Plasmaboard (a virtual keyboard applet) work, and a bug in a\nFedora patch which made builds of the SRPM on single-CPU machines fail\nwas fixed.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=505571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506453\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=512911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=513813\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-July/027106.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a3834805\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"kdelibs-4.2.4-6.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:33:16", "description": "This update fixes several security issues in KHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-0945, CVE-2009-2537) which may lead to a denial of service or potentially even arbitrary code execution. In addition, libplasma was fixed to make Plasmaboard (a virtual keyboard applet) work, and a bug in a Fedora patch which made builds of the SRPM on single-CPU machines fail was fixed.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-07-29T00:00:00", "type": "nessus", "title": "Fedora 10 : kdelibs-4.2.4-6.fc10 (2009-8049)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0945", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kdelibs", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-8049.NASL", "href": "https://www.tenable.com/plugins/nessus/40414", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-8049.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40414);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1725\", \"CVE-2009-2537\");\n script_bugtraq_id(34924);\n script_xref(name:\"FEDORA\", value:\"2009-8049\");\n\n script_name(english:\"Fedora 10 : kdelibs-4.2.4-6.fc10 (2009-8049)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security issues in KHTML (CVE-2009-1725,\nCVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-0945,\nCVE-2009-2537) which may lead to a denial of service or potentially\neven arbitrary code execution. In addition, libplasma was fixed to\nmake Plasmaboard (a virtual keyboard applet) work, and a bug in a\nFedora patch which made builds of the SRPM on single-CPU machines fail\nwas fixed.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=505571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506453\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=512911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=513813\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-July/027125.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3d31e0a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"kdelibs-4.2.4-6.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:36:20", "description": "It was discovered that WebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.\n(CVE-2009-0945)\n\nSeveral flaws were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.\n(CVE-2009-1687, CVE-2009-1690, CVE-2009-1698, CVE-2009-1711, CVE-2009-1725)\n\nIt was discovered that WebKit did not prevent the loading of local Java applets. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1712).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "Ubuntu 8.10 / 9.04 : webkit vulnerabilities (USN-836-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0945", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1711", "CVE-2009-1712", "CVE-2009-1725"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libwebkit-1.0-1", "p-cpe:/a:canonical:ubuntu_linux:libwebkit-1.0-1-dbg", "p-cpe:/a:canonical:ubuntu_linux:libwebkit-dev", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-836-1.NASL", "href": "https://www.tenable.com/plugins/nessus/41606", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-836-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41606);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1725\");\n script_bugtraq_id(34924, 35271, 35309, 35318);\n script_xref(name:\"USN\", value:\"836-1\");\n\n script_name(english:\"Ubuntu 8.10 / 9.04 : webkit vulnerabilities (USN-836-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that WebKit did not properly handle certain\nSVGPathList data structures. If a user were tricked into viewing a\nmalicious website, an attacker could exploit this to execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2009-0945)\n\nSeveral flaws were discovered in the WebKit browser and JavaScript\nengines. If a user were tricked into viewing a malicious website, a\nremote attacker could cause a denial of service or possibly execute\narbitrary code with the privileges of the user invoking the program.\n(CVE-2009-1687, CVE-2009-1690, CVE-2009-1698, CVE-2009-1711,\nCVE-2009-1725)\n\nIt was discovered that WebKit did not prevent the loading of local\nJava applets. If a user were tricked into viewing a malicious website,\nan attacker could exploit this to execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2009-1712).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/836-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libwebkit-1.0-1, libwebkit-1.0-1-dbg and / or\nlibwebkit-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit-1.0-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit-1.0-1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libwebkit-1.0-1\", pkgver:\"1.0.1-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libwebkit-1.0-1-dbg\", pkgver:\"1.0.1-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libwebkit-dev\", pkgver:\"1.0.1-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libwebkit-1.0-1\", pkgver:\"1.0.1-4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libwebkit-1.0-1-dbg\", pkgver:\"1.0.1-4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libwebkit-dev\", pkgver:\"1.0.1-4ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwebkit-1.0-1 / libwebkit-1.0-1-dbg / libwebkit-dev\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:38:54", "description": "It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.\n(CVE-2009-0945)\n\nSeveral flaws were discovered in the QtWebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.\n(CVE-2009-1687, CVE-2009-1690, CVE-2009-1698, CVE-2009-1711, CVE-2009-1725)\n\nIt was discovered that QtWebKit did not properly handle certain XSL stylesheets. If a user were tricked into viewing a malicious website, an attacker could exploit this to read arbitrary local files, and possibly files from different security zones. (CVE-2009-1699, CVE-2009-1713)\n\nIt was discovered that QtWebKit did not prevent the loading of local Java applets. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1712).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-11-11T00:00:00", "type": "nessus", "title": "Ubuntu 8.10 / 9.04 : qt4-x11 vulnerabilities (USN-857-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0945", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1699", "CVE-2009-1711", "CVE-2009-1712", "CVE-2009-1713", "CVE-2009-1725"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libqt4-assistant", "p-cpe:/a:canonical:ubuntu_linux:libqt4-core", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dbus", "p-cpe:/a:canonical:ubuntu_linux:libqt4-designer", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dev", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dev-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-gui", "p-cpe:/a:canonical:ubuntu_linux:libqt4-help", "p-cpe:/a:canonical:ubuntu_linux:libqt4-network", "p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl", "p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl-dev", "p-cpe:/a:canonical:ubuntu_linux:libqt4-qt3support", "p-cpe:/a:canonical:ubuntu_linux:libqt4-script", "p-cpe:/a:canonical:ubuntu_linux:libqt4-scripttools", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-mysql", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-odbc", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-psql", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite2", "p-cpe:/a:canonical:ubuntu_linux:libqt4-svg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-test", "p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit", "p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-xml", "p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns", "p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqtcore4", "p-cpe:/a:canonical:ubuntu_linux:libqtgui4", "p-cpe:/a:canonical:ubuntu_linux:qt4-demos", "p-cpe:/a:canonical:ubuntu_linux:qt4-demos-dbg", "p-cpe:/a:canonical:ubuntu_linux:qt4-designer", "p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools", "p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools-dbg", "p-cpe:/a:canonical:ubuntu_linux:qt4-doc", "p-cpe:/a:canonical:ubuntu_linux:qt4-doc-html", "p-cpe:/a:canonical:ubuntu_linux:qt4-qmake", "p-cpe:/a:canonical:ubuntu_linux:qt4-qtconfig", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-857-1.NASL", "href": "https://www.tenable.com/plugins/nessus/42467", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-857-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42467);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1725\");\n script_bugtraq_id(34924, 35271, 35309, 35318);\n script_xref(name:\"USN\", value:\"857-1\");\n\n script_name(english:\"Ubuntu 8.10 / 9.04 : qt4-x11 vulnerabilities (USN-857-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that QtWebKit did not properly handle certain\nSVGPathList data structures. If a user were tricked into viewing a\nmalicious website, an attacker could exploit this to execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2009-0945)\n\nSeveral flaws were discovered in the QtWebKit browser and JavaScript\nengines. If a user were tricked into viewing a malicious website, a\nremote attacker could cause a denial of service or possibly execute\narbitrary code with the privileges of the user invoking the program.\n(CVE-2009-1687, CVE-2009-1690, CVE-2009-1698, CVE-2009-1711,\nCVE-2009-1725)\n\nIt was discovered that QtWebKit did not properly handle certain XSL\nstylesheets. If a user were tricked into viewing a malicious website,\nan attacker could exploit this to read arbitrary local files, and\npossibly files from different security zones. (CVE-2009-1699,\nCVE-2009-1713)\n\nIt was discovered that QtWebKit did not prevent the loading of local\nJava applets. If a user were tricked into viewing a malicious website,\nan attacker could exploit this to execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2009-1712).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/857-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(94, 189, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dev-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-scripttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-psql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-svg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqtcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqtgui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-demos-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-qmake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-qtconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-assistant\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-core\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-dbg\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-dbus\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-designer\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-dev\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-gui\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-help\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-network\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-opengl\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-opengl-dev\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-qt3support\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-script\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-mysql\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-odbc\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-psql\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-sqlite\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-sqlite2\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-svg\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-test\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-webkit\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-webkit-dbg\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-xml\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-xmlpatterns\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-xmlpatterns-dbg\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqtcore4\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqtgui4\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-demos\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-designer\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-dev-tools\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-doc\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-doc-html\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-qtconfig\", pkgver:\"4.4.3-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-assistant\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-core\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dbg\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dbus\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-designer\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dev\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dev-dbg\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-gui\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-help\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-network\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-opengl\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-opengl-dev\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-qt3support\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-script\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-scripttools\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-mysql\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-odbc\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-psql\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-sqlite\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-sqlite2\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-svg\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-test\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-webkit\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-webkit-dbg\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-xml\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-xmlpatterns\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-xmlpatterns-dbg\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqtcore4\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqtgui4\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-demos\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-demos-dbg\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-designer\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-dev-tools\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-dev-tools-dbg\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-doc\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-doc-html\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-qmake\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-qtconfig\", pkgver:\"4.5.0-0ubuntu4.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt4-assistant / libqt4-core / libqt4-dbg / libqt4-dbus / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T15:19:30", "description": "Multiple vulnerabilities was discovered and corrected in kdelibs4 :\n\nKDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '&#0;' (NUL) character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2702).\n\nThe JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an offset of a NULL pointer.\n(CVE-2009-1687).\n\nWebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit (aka Qt toolkit), and possibly other products does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document (CVE-2009-1725).\n\nUse-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to recursion in certain DOM event handlers. (CVE-2009-1690).\n\nWebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document (CVE-2009-1698).\n\nKDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692 (CVE-2009-2537).\n\nThe gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large precision value in the format argument to a printf function, related to an array overrun. (CVE-2009-0689).\n\nWebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote attackers to execute arbitrary code via a crafted SVGList object that triggers memory corruption (CVE-2009-0945).\n\nThe updated packages have been patched to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kdelibs4 (MDVSA-2010:027)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0689", "CVE-2009-0945", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1692", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2408", "CVE-2009-2537", "CVE-2009-2702"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:kdelibs4-core", "p-cpe:/a:mandriva:linux:kdelibs4-devel", "p-cpe:/a:mandriva:linux:lib64kde3support4", "p-cpe:/a:mandriva:linux:lib64kdecore5", "p-cpe:/a:mandriva:linux:lib64kdefakes5", "p-cpe:/a:mandriva:linux:lib64kdesu5", "p-cpe:/a:mandriva:linux:lib64kdeui5", "p-cpe:/a:mandriva:linux:lib64kdnssd4", "p-cpe:/a:mandriva:linux:lib64kfile4", "p-cpe:/a:mandriva:linux:lib64khtml5", "p-cpe:/a:mandriva:linux:lib64kimproxy4", "p-cpe:/a:mandriva:linux:lib64kio5", "p-cpe:/a:mandriva:linux:lib64kjs4", "p-cpe:/a:mandriva:linux:lib64kjsapi4", "p-cpe:/a:mandriva:linux:lib64kjsembed4", "p-cpe:/a:mandriva:linux:lib64kmediaplayer4", "p-cpe:/a:mandriva:linux:lib64knewstuff2_4", "p-cpe:/a:mandriva:linux:lib64knotifyconfig4", "p-cpe:/a:mandriva:linux:lib64kntlm4", "p-cpe:/a:mandriva:linux:lib64kparts4", "p-cpe:/a:mandriva:linux:lib64kpty4", "p-cpe:/a:mandriva:linux:lib64krosscore4", "p-cpe:/a:mandriva:linux:lib64krossui4", "p-cpe:/a:mandriva:linux:lib64ktexteditor4", "p-cpe:/a:mandriva:linux:lib64kunittest4", "p-cpe:/a:mandriva:linux:lib64kutils4", "p-cpe:/a:mandriva:linux:lib64nepomuk4", "p-cpe:/a:mandriva:linux:lib64plasma3", "p-cpe:/a:mandriva:linux:lib64solid4", "p-cpe:/a:mandriva:linux:lib64threadweaver4", "p-cpe:/a:mandriva:linux:libkde3support4", "p-cpe:/a:mandriva:linux:libkdecore5", "p-cpe:/a:mandriva:linux:libkdefakes5", "p-cpe:/a:mandriva:linux:libkdesu5", "p-cpe:/a:mandriva:linux:libkdeui5", "p-cpe:/a:mandriva:linux:libkdnssd4", "p-cpe:/a:mandriva:linux:libkfile4", "p-cpe:/a:mandriva:linux:libkhtml5", "p-cpe:/a:mandriva:linux:libkimproxy4", "p-cpe:/a:mandriva:linux:libkio5", "p-cpe:/a:mandriva:linux:libkjs4", "p-cpe:/a:mandriva:linux:libkjsapi4", "p-cpe:/a:mandriva:linux:libkjsembed4", "p-cpe:/a:mandriva:linux:libkmediaplayer4", "p-cpe:/a:mandriva:linux:libknewstuff2_4", "p-cpe:/a:mandriva:linux:libknotifyconfig4", "p-cpe:/a:mandriva:linux:libkntlm4", "p-cpe:/a:mandriva:linux:libkparts4", "p-cpe:/a:mandriva:linux:libkpty4", "p-cpe:/a:mandriva:linux:libkrosscore4", "p-cpe:/a:mandriva:linux:libkrossui4", "p-cpe:/a:mandriva:linux:libktexteditor4", "p-cpe:/a:mandriva:linux:libkunittest4", "p-cpe:/a:mandriva:linux:libkutils4", "p-cpe:/a:mandriva:linux:libnepomuk4", "p-cpe:/a:mandriva:linux:libplasma3", "p-cpe:/a:mandriva:linux:libsolid4", "p-cpe:/a:mandriva:linux:libthreadweaver4", "cpe:/o:mandriva:linux:2009.1"], "id": "MANDRIVA_MDVSA-2010-027.NASL", "href": "https://www.tenable.com/plugins/nessus/48170", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:027. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48170);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2009-0689\",\n \"CVE-2009-0945\",\n \"CVE-2009-1687\",\n \"CVE-2009-1690\",\n \"CVE-2009-1698\",\n \"CVE-2009-1725\",\n \"CVE-2009-2537\",\n \"CVE-2009-2702\"\n );\n script_bugtraq_id(\n 34924,\n 35271,\n 35309,\n 35318,\n 35446,\n 35510,\n 36229\n );\n script_xref(name:\"MDVSA\", value:\"2010:027\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kdelibs4 (MDVSA-2010:027)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities was discovered and corrected in kdelibs4 :\n\nKDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a\n'&#0;' (NUL) character in a domain name in the Subject Alternative\nName field of an X.509 certificate, which allows man-in-the-middle\nattackers to spoof arbitrary SSL servers via a crafted certificate\nissued by a legitimate Certification Authority, a related issue to\nCVE-2009-2408 (CVE-2009-2702).\n\nThe JavaScript garbage collector in WebKit in Apple Safari before 4.0,\niPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through\n2.2.1 does not properly handle allocation failures, which allows\nremote attackers to execute arbitrary code or cause a denial of\nservice (memory corruption and application crash) via a crafted HTML\ndocument that triggers write access to an offset of a NULL pointer.\n(CVE-2009-1687).\n\nWebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit\n(aka Qt toolkit), and possibly other products does not properly handle\nnumeric character references, which allows remote attackers to execute\narbitrary code or cause a denial of service (memory corruption and\napplication crash) via a crafted HTML document (CVE-2009-1725).\n\nUse-after-free vulnerability in WebKit, as used in Apple Safari before\n4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through\n2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows\nremote attackers to execute arbitrary code or cause a denial of\nservice (memory corruption and application crash) by setting an\nunspecified property of an HTML tag that causes child elements to be\nfreed and later accessed when an HTML error occurs, related to\nrecursion in certain DOM event handlers. (CVE-2009-1690).\n\nWebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and\niPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a\npointer during handling of a Cascading Style Sheets (CSS) attr\nfunction call with a large numerical argument, which allows remote\nattackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted HTML document\n(CVE-2009-1698).\n\nKDE Konqueror allows remote attackers to cause a denial of service\n(memory consumption) via a large integer value for the length property\nof a Select object, a related issue to CVE-2009-1692 (CVE-2009-2537).\n\nThe gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc in\nFreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows\ncontext-dependent attackers to cause a denial of service (application\ncrash) or possibly have unspecified other impact via a large precision\nvalue in the format argument to a printf function, related to an array\noverrun. (CVE-2009-0689).\n\nWebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple Mac\nOS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote\nattackers to execute arbitrary code via a crafted SVGList object that\ntriggers memory corruption (CVE-2009-0945).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94, 119, 189, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdelibs4-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdelibs4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kde3support4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdecore5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdefakes5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdesu5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeui5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdnssd4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kfile4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64khtml5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kimproxy4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kio5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kjs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kjsapi4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kjsembed4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kmediaplayer4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64knewstuff2_4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64knotifyconfig4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kntlm4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kparts4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kpty4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64krosscore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64krossui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ktexteditor4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kunittest4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kutils4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64nepomuk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64plasma3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64solid4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64threadweaver4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkde3support4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdecore5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdefakes5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdesu5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeui5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdnssd4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkfile4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkhtml5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkimproxy4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkio5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkjs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkjsapi4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkjsembed4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkmediaplayer4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libknewstuff2_4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libknotifyconfig4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkntlm4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkparts4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkpty4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkrosscore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkrossui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libktexteditor4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkunittest4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkutils4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnepomuk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libplasma3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsolid4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libthreadweaver4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kdelibs4-core-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kdelibs4-devel-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kde3support4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kdecore5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kdefakes5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kdesu5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kdeui5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kdnssd4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kfile4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64khtml5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kimproxy4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kio5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kjs4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kjsapi4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kjsembed4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kmediaplayer4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64knewstuff2_4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64knotifyconfig4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kntlm4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kparts4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kpty4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64krosscore4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64krossui4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64ktexteditor4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kunittest4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64kutils4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64nepomuk4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64plasma3-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64solid4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64threadweaver4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkde3support4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkdecore5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkdefakes5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkdesu5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkdeui5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkdnssd4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkfile4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkhtml5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkimproxy4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkio5-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkjs4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkjsapi4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkjsembed4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkmediaplayer4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libknewstuff2_4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libknotifyconfig4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkntlm4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkparts4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkpty4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkrosscore4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkrossui4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libktexteditor4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkunittest4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkutils4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libnepomuk4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libplasma3-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libsolid4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libthreadweaver4-4.2.4-0.8mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:06:25", "description": "The remote mobile host is a using a version of Apple iOS earlier than 3.1. Such versions are potentially affected by multiple issues: \n\n - An issue in WebKit's handling of the parent and top objects could result in cross-site scripting attacks. (CVE-2009-1724)\n\n - A memory corruption issue in WebKits's handling of numeric character references. (CVE-2009-1725)\n\n - The International Domain Name support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. (CVE-2009-2199)\n\n - A heap buffer overflow exists in the handling of AAC or MP3 files. (CVE-2009-2206)\n\n - Spotlight finds and allows access to deleted messages in Mail folders on the device. (CVE-2009-2207)\n\n - The iPhone OS allows users to specify a 'Require Passcode' setting that may be greater than the 'Maximum Inactivity time lock' setting from Microsoft Exchange servers. (CVE-2009-2794)\n\n - A heap buffer overflow exists in Recovery Mode command parsing. (CVE-2009-2795)\n\n - When a character in a password is deleted, and the deletion is undone, the character is briefly made visible. (CVE-2009-2796)\n\n - Safari includes the user name and password from the original URL in the referer header. (CVE-2009-2797)\n\n - A null pointer dereference issue exists in the handling of SMS arrival notifications. (CVE-2009-2815)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2009-09-10T00:00:00", "type": "nessus", "title": "Apple iOS 3.x < 3.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1724", "CVE-2009-1725", "CVE-2009-2797", "CVE-2009-3273", "CVE-2009-2199", "CVE-2009-2795", "CVE-2009-2794", "CVE-2009-2815", "CVE-2009-2206", "CVE-2009-2796", "CVE-2009-2207"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "5160.PRM", "href": "https://www.tenable.com/plugins/nnm/5160", "sourceData": "Binary data 5160.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:25:21", "description": "Several vulnerabilities have been discovered in WebKit, a Web content engine library for Gtk+. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-0945 Array index error in the insertItemBefore method in WebKit, allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the SVGTransformList, SVGStringList, SVGNumberList, SVGPathSegList, SVGPointList, or SVGLengthList SVGList object, which triggers memory corruption.\n\n - CVE-2009-1687 The JavaScript garbage collector in WebKit does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an 'offset of a NULL pointer.'\n\n - CVE-2009-1690 Use-after-free vulnerability in WebKit, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to 'recursion in certain DOM event handlers.'\n\n - CVE-2009-1698 WebKit does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.\n\n - CVE-2009-1711 WebKit does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.\n\n - CVE-2009-1712 WebKit does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element.\n\n - CVE-2009-1725 WebKit do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.\n\n - CVE-2009-1714 Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to the improper escaping of HTML attributes.\n\n - CVE-2009-1710 WebKit allows remote attackers to spoof the browser's display of the host name, security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property.\n\n - CVE-2009-1697 CRLF injection vulnerability in WebKit allows remote attackers to inject HTTP headers and bypass the Same Origin Policy via a crafted HTML document, related to cross-site scripting (XSS) attacks that depend on communication with arbitrary websites on the same server through use of XMLHttpRequest without a Host header.\n\n - CVE-2009-1695 Cross-site scripting (XSS) vulnerability in WebKit allows remote attackers to inject arbitrary web script or HTML via vectors involving access to frame contents after completion of a page transition.\n\n - CVE-2009-1693 WebKit allows remote attackers to read images from arbitrary websites via a CANVAS element with an SVG image, related to a 'cross-site image capture issue.'\n\n - CVE-2009-1694 WebKit does not properly handle redirects, which allows remote attackers to read images from arbitrary websites via vectors involving a CANVAS element and redirection, related to a 'cross-site image capture issue.'\n\n - CVE-2009-1681 WebKit does not prevent websites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct 'clickjacking' attacks via a crafted HTML document.\n\n - CVE-2009-1684 Cross-site scripting (XSS) vulnerability in WebKit allows remote attackers to inject arbitrary web script or HTML via an event handler that triggers script execution in the context of the next loaded document.\n\n - CVE-2009-1692 WebKit allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object.", "cvss3": {"score": null, "vector": null}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1950-1 : webkit - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0945", "CVE-2009-1681", "CVE-2009-1684", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1692", "CVE-2009-1693", "CVE-2009-1694", "CVE-2009-1695", "CVE-2009-1697", "CVE-2009-1698", "CVE-2009-1710", "CVE-2009-1711", "CVE-2009-1712", "CVE-2009-1714", "CVE-2009-1725"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:webkit", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1950.NASL", "href": "https://www.tenable.com/plugins/nessus/44815", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1950. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44815);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1681\", \"CVE-2009-1684\", \"CVE-2009-1687\", \"CVE-2009-1690\", \"CVE-2009-1692\", \"CVE-2009-1693\", \"CVE-2009-1694\", \"CVE-2009-1695\", \"CVE-2009-1697\", \"CVE-2009-1698\", \"CVE-2009-1710\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1714\", \"CVE-2009-1725\");\n script_xref(name:\"DSA\", value:\"1950\");\n\n script_name(english:\"Debian DSA-1950-1 : webkit - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in WebKit, a Web content\nengine library for Gtk+. The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2009-0945\n Array index error in the insertItemBefore method in\n WebKit, allows remote attackers to execute arbitrary\n code via a document with a SVGPathList data structure\n containing a negative index in the SVGTransformList,\n SVGStringList, SVGNumberList, SVGPathSegList,\n SVGPointList, or SVGLengthList SVGList object, which\n triggers memory corruption.\n\n - CVE-2009-1687\n The JavaScript garbage collector in WebKit does not\n properly handle allocation failures, which allows remote\n attackers to execute arbitrary code or cause a denial of\n service (memory corruption and application crash) via a\n crafted HTML document that triggers write access to an\n 'offset of a NULL pointer.'\n\n - CVE-2009-1690\n Use-after-free vulnerability in WebKit, allows remote\n attackers to execute arbitrary code or cause a denial of\n service (memory corruption and application crash) by\n setting an unspecified property of an HTML tag that\n causes child elements to be freed and later accessed\n when an HTML error occurs, related to 'recursion in\n certain DOM event handlers.'\n\n - CVE-2009-1698\n WebKit does not initialize a pointer during handling of\n a Cascading Style Sheets (CSS) attr function call with a\n large numerical argument, which allows remote attackers\n to execute arbitrary code or cause a denial of service\n (memory corruption and application crash) via a crafted\n HTML document.\n\n - CVE-2009-1711\n WebKit does not properly initialize memory for Attr DOM\n objects, which allows remote attackers to execute\n arbitrary code or cause a denial of service (application\n crash) via a crafted HTML document.\n\n - CVE-2009-1712\n WebKit does not prevent remote loading of local Java\n applets, which allows remote attackers to execute\n arbitrary code, gain privileges, or obtain sensitive\n information via an APPLET or OBJECT element.\n\n - CVE-2009-1725\n WebKit do not properly handle numeric character\n references, which allows remote attackers to execute\n arbitrary code or cause a denial of service (memory\n corruption and application crash) via a crafted HTML\n document.\n\n - CVE-2009-1714\n Cross-site scripting (XSS) vulnerability in Web\n Inspector in WebKit allows user-assisted remote\n attackers to inject arbitrary web script or HTML, and\n read local files, via vectors related to the improper\n escaping of HTML attributes.\n\n - CVE-2009-1710\n WebKit allows remote attackers to spoof the browser's\n display of the host name, security indicators, and\n unspecified other UI elements via a custom cursor in\n conjunction with a modified CSS3 hotspot property.\n\n - CVE-2009-1697\n CRLF injection vulnerability in WebKit allows remote\n attackers to inject HTTP headers and bypass the Same\n Origin Policy via a crafted HTML document, related to\n cross-site scripting (XSS) attacks that depend on\n communication with arbitrary websites on the same server\n through use of XMLHttpRequest without a Host header.\n\n - CVE-2009-1695\n Cross-site scripting (XSS) vulnerability in WebKit\n allows remote attackers to inject arbitrary web script\n or HTML via vectors involving access to frame contents\n after completion of a page transition.\n\n - CVE-2009-1693\n WebKit allows remote attackers to read images from\n arbitrary websites via a CANVAS element with an SVG\n image, related to a 'cross-site image capture issue.'\n\n - CVE-2009-1694\n WebKit does not properly handle redirects, which allows\n remote attackers to read images from arbitrary websites\n via vectors involving a CANVAS element and redirection,\n related to a 'cross-site image capture issue.'\n\n - CVE-2009-1681\n WebKit does not prevent websites from loading\n third-party content into a subframe, which allows remote\n attackers to bypass the Same Origin Policy and conduct\n 'clickjacking' attacks via a crafted HTML document.\n\n - CVE-2009-1684\n Cross-site scripting (XSS) vulnerability in WebKit\n allows remote attackers to inject arbitrary web script\n or HTML via an event handler that triggers script\n execution in the context of the next loaded document.\n\n - CVE-2009-1692\n WebKit allows remote attackers to cause a denial of\n service (memory consumption or device reset) via a web\n page containing an HTMLSelectElement object with a large\n length attribute, related to the length property of a\n Select object.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532724\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532725\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535793\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1687\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1725\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1950\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the webkit package.\n\nFor the stable distribution (lenny), these problems has been fixed in\nversion 1.0.1-4+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 79, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:webkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libwebkit-1.0-1\", reference:\"1.0.1-4+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libwebkit-1.0-1-dbg\", reference:\"1.0.1-4+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libwebkit-dev\", reference:\"1.0.1-4+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:48", "description": "Mandriva Linux 2008.0 was released with KDE version 3.5.7.\n\nThis update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10, which brings many bugfixes, overall improvements and many security fixes.\n\nkdegraphics contains security fixes for CVE-2009-3603,3604,3605,3606,3608,3609,0146,0147,0165,0166,0799,0800,1 179,1180,1181,1182,1183\n\nkdelibs contains security fixes for CVE-2009-0689,1687,1690,1698,2702,1725,2537\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kde (MDVSA-2009:346)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0165", "CVE-2009-0166", "CVE-2009-0689", "CVE-2009-0799", "CVE-2009-0800", "CVE-2009-1179", "CVE-2009-1180", "CVE-2009-1181", "CVE-2009-1182", "CVE-2009-1183", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-2537", "CVE-2009-2702", "CVE-2009-3603", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:arts", "p-cpe:/a:mandriva:linux:free-kde-config", "p-cpe:/a:mandriva:linux:fribidi", "p-cpe:/a:mandriva:linux:htdig", "p-cpe:/a:mandriva:linux:htdig-devel", "p-cpe:/a:mandriva:linux:htdig-web", "p-cpe:/a:mandriva:linux:kde-i18n-af", "p-cpe:/a:mandriva:linux:kde-i18n-ar", "p-cpe:/a:mandriva:linux:kde-i18n-az", "p-cpe:/a:mandriva:linux:kde-i18n-be", "p-cpe:/a:mandriva:linux:kde-i18n-bg", "p-cpe:/a:mandriva:linux:kde-i18n-bn", "p-cpe:/a:mandriva:linux:kde-i18n-br", "p-cpe:/a:mandriva:linux:kde-i18n-bs", "p-cpe:/a:mandriva:linux:kde-i18n-ca", "p-cpe:/a:mandriva:linux:kde-i18n-cs", "p-cpe:/a:mandriva:linux:kde-i18n-csb", "p-cpe:/a:mandriva:linux:kde-i18n-cy", "p-cpe:/a:mandriva:linux:kde-i18n-da", "p-cpe:/a:mandriva:linux:kde-i18n-de", "p-cpe:/a:mandriva:linux:kde-i18n-el", "p-cpe:/a:mandriva:linux:kde-i18n-en_GB", "p-cpe:/a:mandriva:linux:kde-i18n-eo", "p-cpe:/a:mandriva:linux:kde-i18n-es", "p-cpe:/a:mandriva:linux:kde-i18n-eu", "p-cpe:/a:mandriva:linux:kde-i18n-fa", "p-cpe:/a:mandriva:linux:kde-i18n-fi", "p-cpe:/a:mandriva:linux:kde-i18n-fr", "p-cpe:/a:mandriva:linux:kde-i18n-fy", "p-cpe:/a:mandriva:linux:kde-i18n-ga", "p-cpe:/a:mandriva:linux:kde-i18n-gl", "p-cpe:/a:mandriva:linux:kde-i18n-he", "p-cpe:/a:mandriva:linux:kde-i18n-hi", "p-cpe:/a:mandriva:linux:kde-i18n-hr", "p-cpe:/a:mandriva:linux:kde-i18n-hu", "p-cpe:/a:mandriva:linux:kde-i18n-is", "p-cpe:/a:mandriva:linux:kde-i18n-it", "p-cpe:/a:mandriva:linux:kde-i18n-ja", "p-cpe:/a:mandriva:linux:kde-i18n-kk", "p-cpe:/a:mandriva:linux:kde-i18n-km", "p-cpe:/a:mandriva:linux:kde-i18n-ko", "p-cpe:/a:mandriva:linux:kde-i18n-lt", "p-cpe:/a:mandriva:linux:kde-i18n-lv", "p-cpe:/a:mandriva:linux:kde-i18n-mk", "p-cpe:/a:mandriva:linux:kde-i18n-mn", "p-cpe:/a:mandriva:linux:kde-i18n-ms", "p-cpe:/a:mandriva:linux:kde-i18n-nb", "p-cpe:/a:mandriva:linux:kde-i18n-nds", "p-cpe:/a:mandriva:linux:kde-i18n-nl", "p-cpe:/a:mandriva:linux:kde-i18n-nn", "p-cpe:/a:mandriva:linux:kde-i18n-pa", "p-cpe:/a:mandriva:linux:kde-i18n-pl", "p-cpe:/a:mandriva:linux:kde-i18n-pt", "p-cpe:/a:mandriva:linux:kde-i18n-pt_BR", "p-cpe:/a:mandriva:linux:kde-i18n-ro", "p-cpe:/a:mandriva:linux:kde-i18n-ru", "p-cpe:/a:mandriva:linux:kde-i18n-rw", "p-cpe:/a:mandriva:linux:kde-i18n-se", "p-cpe:/a:mandriva:linux:kde-i18n-sk", "p-cpe:/a:mandriva:linux:kde-i18n-sl", "p-cpe:/a:mandriva:linux:kde-i18n-sr", "p-cpe:/a:mandriva:linux:kde-i18n-ss", "p-cpe:/a:mandriva:linux:kde-i18n-sv", "p-cpe:/a:mandriva:linux:kde-i18n-ta", "p-cpe:/a:mandriva:linux:kde-i18n-te", "p-cpe:/a:mandriva:linux:kde-i18n-tg", "p-cpe:/a:mandriva:linux:kde-i18n-th", "p-cpe:/a:mandriva:linux:kde-i18n-tr", "p-cpe:/a:mandriva:linux:kde-i18n-uk", "p-cpe:/a:mandriva:linux:kde-i18n-uz", "p-cpe:/a:mandriva:linux:kde-i18n-vi", "p-cpe:/a:mandriva:linux:kde-i18n-wa", "p-cpe:/a:mandriva:linux:kde-i18n-zh_CN", "p-cpe:/a:mandriva:linux:kde-i18n-zh_TW", "p-cpe:/a:mandriva:linux:kde3-macros", "p-cpe:/a:mandriva:linux:kdeaccessibility", "p-cpe:/a:mandriva:linux:kdeaccessibility-kttsd", "p-cpe:/a:mandriva:linux:kdeaccessibility-kttsd-akode", "p-cpe:/a:mandriva:linux:kdeaddons", "p-cpe:/a:mandriva:linux:kdeaddons-akregator", "p-cpe:/a:mandriva:linux:kdeaddons-atlantik", "p-cpe:/a:mandriva:linux:kdeaddons-kaddressbook-plugins", "p-cpe:/a:mandriva:linux:kdeaddons-kate", "p-cpe:/a:mandriva:linux:kdeaddons-kfile-plugins", "p-cpe:/a:mandriva:linux:kdeaddons-kicker-applets", "p-cpe:/a:mandriva:linux:kdeaddons-knewsticker", "p-cpe:/a:mandriva:linux:kdeaddons-konq-plugins", "p-cpe:/a:mandriva:linux:kdeaddons-konqimagegallery", "p-cpe:/a:mandriva:linux:kdeaddons-metabar", "p-cpe:/a:mandriva:linux:kdeaddons-renamedlg", "p-cpe:/a:mandriva:linux:kdeaddons-searchbar", "p-cpe:/a:mandriva:linux:kdeartwork", "p-cpe:/a:mandriva:linux:kdeartwork-icons-theme-Locolor", "p-cpe:/a:mandriva:linux:kdeartwork-icons-theme-ikons", "p-cpe:/a:mandriva:linux:kdeartwork-icons-theme-kdeclassic", "p-cpe:/a:mandriva:linux:kdeartwork-icons-theme-kids", "p-cpe:/a:mandriva:linux:kdeartwork-icons-theme-slick", "p-cpe:/a:mandriva:linux:kdeartwork-screensavers", "p-cpe:/a:mandriva:linux:kdeartwork-screensavers-gl", "p-cpe:/a:mandriva:linux:kdebase", "p-cpe:/a:mandriva:linux:kdebase-common", "p-cpe:/a:mandriva:linux:kdebase-devel-doc", "p-cpe:/a:mandriva:linux:kdebase-kate", "p-cpe:/a:mandriva:linux:kdebase-kdeprintfax", "p-cpe:/a:mandriva:linux:kdebase-kdm", "p-cpe:/a:mandriva:linux:kdebase-kmenuedit", "p-cpe:/a:mandriva:linux:kdebase-konsole", "p-cpe:/a:mandriva:linux:kdebase-ksysguard", "p-cpe:/a:mandriva:linux:kdebase-nsplugins", "p-cpe:/a:mandriva:linux:kdebase-progs", "p-cpe:/a:mandriva:linux:kdebase-session-plugins", "p-cpe:/a:mandriva:linux:kdeedu", "p-cpe:/a:mandriva:linux:kdegames", "p-cpe:/a:mandriva:linux:kdegraphics", "p-cpe:/a:mandriva:linux:kdegraphics-common", "p-cpe:/a:mandriva:linux:kdegraphics-kcolorchooser", "p-cpe:/a:mandriva:linux:kdegraphics-kcoloredit", "p-cpe:/a:mandriva:linux:kdegraphics-kdvi", "p-cpe:/a:mandriva:linux:kdegraphics-kfax", "p-cpe:/a:mandriva:linux:kdegraphics-kghostview", "p-cpe:/a:mandriva:linux:kdegraphics-kiconedit", "p-cpe:/a:mandriva:linux:kdegraphics-kolourpaint", "p-cpe:/a:mandriva:linux:kdegraphics-kooka", "p-cpe:/a:mandriva:linux:kdegraphics-kpdf", "p-cpe:/a:mandriva:linux:kdegraphics-kpovmodeler", "p-cpe:/a:mandriva:linux:kdegraphics-kruler", "p-cpe:/a:mandriva:linux:kdegraphics-ksnapshot", "p-cpe:/a:mandriva:linux:kdegraphics-ksvg", "p-cpe:/a:mandriva:linux:kdegraphics-kuickshow", "p-cpe:/a:mandriva:linux:kdegraphics-kview", "p-cpe:/a:mandriva:linux:kdegraphics-mrmlsearch", "p-cpe:/a:mandriva:linux:kdelibs-common", "p-cpe:/a:mandriva:linux:kdelibs-devel-doc", "p-cpe:/a:mandriva:linux:kdemultimedia", "p-cpe:/a:mandriva:linux:kdemultimedia-arts", "p-cpe:/a:mandriva:linux:kdemultimedia-common", "p-cpe:/a:mandriva:linux:kdemultimedia-juk", "p-cpe:/a:mandriva:linux:kdemultimedia-kaboodle", "p-cpe:/a:mandriva:linux:kdemultimedia-kaudiocreator", "p-cpe:/a:mandriva:linux:kdemultimedia-kmid", "p-cpe:/a:mandriva:linux:kdemultimedia-kmix", "p-cpe:/a:mandriva:linux:kdemultimedia-krec", "p-cpe:/a:mandriva:linux:kdemultimedia-kscd", "p-cpe:/a:mandriva:linux:kdemultimedia-noatun", "p-cpe:/a:mandriva:linux:kdenetwork", "p-cpe:/a:mandriva:linux:kdenetwork-common", "p-cpe:/a:mandriva:linux:kdenetwork-devel", "p-cpe:/a:mandriva:linux:kdenetwork-kdict", "p-cpe:/a:mandriva:linux:kdenetwork-kget", "p-cpe:/a:mandriva:linux:kdenetwork-knewsticker", "p-cpe:/a:mandriva:linux:kdenetwork-kopete", "p-cpe:/a:mandriva:linux:kdenetwork-kopete-latex", "p-cpe:/a:mandriva:linux:kdenetwork-kppp", "p-cpe:/a:mandriva:linux:kdenetwork-kppp-provider", "p-cpe:/a:mandriva:linux:kdenetwork-krfb", "p-cpe:/a:mandriva:linux:kdenetwork-ksirc", "p-cpe:/a:mandriva:linux:kdenetwork-ktalk", "p-cpe:/a:mandriva:linux:kdenetwork-kwifimanager", "p-cpe:/a:mandriva:linux:kdepim", "p-cpe:/a:mandriva:linux:kdepim-akregator", "p-cpe:/a:mandriva:linux:kdepim-common", "p-cpe:/a:mandriva:linux:kdepim-devel", "p-cpe:/a:mandriva:linux:kdepim-devel-doc", "p-cpe:/a:mandriva:linux:kdepim-kaddressbook", "p-cpe:/a:mandriva:linux:kdepim-kandy", "p-cpe:/a:mandriva:linux:kdepim-karm", "p-cpe:/a:mandriva:linux:kdepim-kitchensync", "p-cpe:/a:mandriva:linux:kdepim-kmail", "p-cpe:/a:mandriva:linux:kdepim-knode", "p-cpe:/a:mandriva:linux:kdepim-knotes", "p-cpe:/a:mandriva:linux:kdepim-kontact", "p-cpe:/a:mandriva:linux:kdepim-korganizer", "p-cpe:/a:mandriva:linux:kdepim-korn", "p-cpe:/a:mandriva:linux:kdepim-kpilot", "p-cpe:/a:mandriva:linux:kdepim-ktnef", "p-cpe:/a:mandriva:linux:kdepim-wizards", "p-cpe:/a:mandriva:linux:kdesdk", "p-cpe:/a:mandriva:linux:kdesdk-cervisia", "p-cpe:/a:mandriva:linux:kdesdk-devel", "p-cpe:/a:mandriva:linux:kdesdk-kbabel", "p-cpe:/a:mandriva:linux:kdesdk-kcachegrind", "p-cpe:/a:mandriva:linux:kdesdk-kompare", "p-cpe:/a:mandriva:linux:kdesdk-po2xml", "p-cpe:/a:mandriva:linux:kdesdk-umbrello", "p-cpe:/a:mandriva:linux:kdetoys", "p-cpe:/a:mandriva:linux:kdetoys-kweather", "p-cpe:/a:mandriva:linux:kdeutils", "p-cpe:/a:mandriva:linux:kdeutils-ark", "p-cpe:/a:mandriva:linux:kdeutils-common", "p-cpe:/a:mandriva:linux:kdeutils-kcalc", "p-cpe:/a:mandriva:linux:kdeutils-kcharselect", "p-cpe:/a:mandriva:linux:kdeutils-kdessh", "p-cpe:/a:mandriva:linux:kdeutils-kdf", "p-cpe:/a:mandriva:linux:kdeutils-kedit", "p-cpe:/a:mandriva:linux:kdeutils-kfloppy", "p-cpe:/a:mandriva:linux:kdeutils-kgpg", "p-cpe:/a:mandriva:linux:kdeutils-khexedit", "p-cpe:/a:mandriva:linux:kdeutils-kjots", "p-cpe:/a:mandriva:linux:kdeutils-klaptop", "p-cpe:/a:mandriva:linux:kdeutils-kmilo", "p-cpe:/a:mandriva:linux:kdeutils-ksim", "p-cpe:/a:mandriva:linux:kdeutils-ktimer", "p-cpe:/a:mandriva:linux:kdeutils-kwalletmanager", "p-cpe:/a:mandriva:linux:kdeutils-superkaramba", "p-cpe:/a:mandriva:linux:kdevelop", "p-cpe:/a:mandriva:linux:kdevelop-doc", "p-cpe:/a:mandriva:linux:kdewebdev", "p-cpe:/a:mandriva:linux:kdewebdev-devel", "p-cpe:/a:mandriva:linux:kdewebdev-kfilereplace", "p-cpe:/a:mandriva:linux:kdewebdev-kommander", "p-cpe:/a:mandriva:linux:kdewebdev-quanta-doc", "p-cpe:/a:mandriva:linux:kjsembed", "p-cpe:/a:mandriva:linux:ksig", "p-cpe:/a:mandriva:linux:lib64arts1", "p-cpe:/a:mandriva:linux:lib64arts1-devel", "p-cpe:/a:mandriva:linux:lib64fribidi-devel", "p-cpe:/a:mandriva:linux:lib64fribidi-static-devel", "p-cpe:/a:mandriva:linux:lib64fribidi0", "p-cpe:/a:mandriva:linux:lib64gwsoap0", "p-cpe:/a:mandriva:linux:lib64kdeaccessibility1-kttsd", "p-cpe:/a:mandriva:linux:lib64kdeaccessibility1-kttsd-devel", "p-cpe:/a:mandriva:linux:lib64kdebase4", "p-cpe:/a:mandriva:linux:lib64kdebase4-devel", "p-cpe:/a:mandriva:linux:lib64kdebase4-kate", "p-cpe:/a:mandriva:linux:lib64kdecore4", "p-cpe:/a:mandriva:linux:lib64kdecore4-devel", "p-cpe:/a:mandriva:linux:lib64kdeedu-devel", "p-cpe:/a:mandriva:linux:lib64kdeedu1", "p-cpe:/a:mandriva:linux:lib64kdegames1", "p-cpe:/a:mandriva:linux:lib64kdegames1-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-common", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-common-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview-devel", "p-cpe:/a:mandriva:linux:lib64kdemultimedia1-arts", "p-cpe:/a:mandriva:linux:lib64kdemultimedia1-arts-devel", "p-cpe:/a:mandriva:linux:lib64kdemultimedia1-common", "p-cpe:/a:mandriva:linux:lib64kdemultimedia1-common-devel", "p-cpe:/a:mandriva:linux:lib64kdemultimedia1-noatun", "p-cpe:/a:mandriva:linux:lib64kdemultimedia1-noatun-devel", "p-cpe:/a:mandriva:linux:lib64kdenetwork2-common", "p-cpe:/a:mandriva:linux:lib64kdenetwork2-kopete", "p-cpe:/a:mandriva:linux:lib64kdepim2-common", "p-cpe:/a:mandriva:linux:lib64kdepim2-index", "p-cpe:/a:mandriva:linux:lib64kdepim2-kaddressbook", "p-cpe:/a:mandriva:linux:lib64kdepim2-kitchensync", "p-cpe:/a:mandriva:linux:lib64kdepim2-kontact", "p-cpe:/a:mandriva:linux:lib64kdepim2-korganizer", "p-cpe:/a:mandriva:linux:lib64kdepim2-kpilot", "p-cpe:/a:mandriva:linux:lib64kdepim2-ktnef", "p-cpe:/a:mandriva:linux:lib64kdepim2-qopensync", "p-cpe:/a:mandriva:linux:lib64kdesdk1", "p-cpe:/a:mandriva:linux:lib64kdesdk1-cervisia", "p-cpe:/a:mandriva:linux:lib64kdesdk1-kbabel", "p-cpe:/a:mandriva:linux:lib64kdetoys1-devel", "p-cpe:/a:mandriva:linux:lib64kdetoys1-kweather", "p-cpe:/a:mandriva:linux:lib64kdeutils1-common", "p-cpe:/a:mandriva:linux:lib64kdeutils1-common-devel", "p-cpe:/a:mandriva:linux:lib64kdeutils1-khexedit", "p-cpe:/a:mandriva:linux:lib64kdeutils1-klaptop", "p-cpe:/a:mandriva:linux:lib64kdeutils1-kmilo", "p-cpe:/a:mandriva:linux:lib64kdeutils1-ksim", "p-cpe:/a:mandriva:linux:lib64kdevelop-devel", "p-cpe:/a:mandriva:linux:lib64kdevelop3", "p-cpe:/a:mandriva:linux:lib64kdewebdev0", "p-cpe:/a:mandriva:linux:lib64kdewebdev0-kommander", "p-cpe:/a:mandriva:linux:lib64kjsembed1", "p-cpe:/a:mandriva:linux:lib64kjsembed1-devel", "p-cpe:/a:mandriva:linux:lib64smokekde1", "p-cpe:/a:mandriva:linux:lib64smokeqt1", "p-cpe:/a:mandriva:linux:libarts1", "p-cpe:/a:mandriva:linux:libarts1-devel", "p-cpe:/a:mandriva:linux:libfribidi-devel", "p-cpe:/a:mandriva:linux:libfribidi-static-devel", "p-cpe:/a:mandriva:linux:libfribidi0", "p-cpe:/a:mandriva:linux:libgwsoap0", "p-cpe:/a:mandriva:linux:libkdeaccessibility1-kttsd", "p-cpe:/a:mandriva:linux:libkdeaccessibility1-kttsd-devel", "p-cpe:/a:mandriva:linux:libkdebase4", "p-cpe:/a:mandriva:linux:libkdebase4-devel", "p-cpe:/a:mandriva:linux:libkdebase4-kate", "p-cpe:/a:mandriva:linux:libkdecore4", "p-cpe:/a:mandriva:linux:libkdecore4-devel", "p-cpe:/a:mandriva:linux:libkdeedu-devel", "p-cpe:/a:mandriva:linux:libkdeedu1", "p-cpe:/a:mandriva:linux:libkdegames1", "p-cpe:/a:mandriva:linux:libkdegames1-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-common", "p-cpe:/a:mandriva:linux:libkdegraphics0-common-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview", "p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-kooka", "p-cpe:/a:mandriva:linux:libkdegraphics0-kooka-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler", "p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg", "p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-kview", "p-cpe:/a:mandriva:linux:libkdegraphics0-kview-devel", "p-cpe:/a:mandriva:linux:libkdemultimedia1-arts", "p-cpe:/a:mandriva:linux:libkdemultimedia1-arts-devel", "p-cpe:/a:mandriva:linux:libkdemultimedia1-common", "p-cpe:/a:mandriva:linux:libkdemultimedia1-common-devel", "p-cpe:/a:mandriva:linux:libkdemultimedia1-noatun", "p-cpe:/a:mandriva:linux:libkdemultimedia1-noatun-devel", "p-cpe:/a:mandriva:linux:libkdenetwork2-common", "p-cpe:/a:mandriva:linux:libkdenetwork2-kopete", "p-cpe:/a:mandriva:linux:libkdepim2-common", "p-cpe:/a:mandriva:linux:libkdepim2-index", "p-cpe:/a:mandriva:linux:libkdepim2-kaddressbook", "p-cpe:/a:mandriva:linux:libkdepim2-kitchensync", "p-cpe:/a:mandriva:linux:libkdepim2-kontact", "p-cpe:/a:mandriva:linux:libkdepim2-korganizer", "p-cpe:/a:mandriva:linux:libkdepim2-kpilot", "p-cpe:/a:mandriva:linux:libkdepim2-ktnef", "p-cpe:/a:mandriva:linux:libkdepim2-qopensync", "p-cpe:/a:mandriva:linux:libkdesdk1", "p-cpe:/a:mandriva:linux:libkdesdk1-cervisia", "p-cpe:/a:mandriva:linux:libkdesdk1-kbabel", "p-cpe:/a:mandriva:linux:libkdetoys1-devel", "p-cpe:/a:mandriva:linux:libkdetoys1-kweather", "p-cpe:/a:mandriva:linux:libkdeutils1-common", "p-cpe:/a:mandriva:linux:libkdeutils1-common-devel", "p-cpe:/a:mandriva:linux:libkdeutils1-khexedit", "p-cpe:/a:mandriva:linux:libkdeutils1-klaptop", "p-cpe:/a:mandriva:linux:libkdeutils1-kmilo", "p-cpe:/a:mandriva:linux:libkdeutils1-ksim", "p-cpe:/a:mandriva:linux:libkdevelop-devel", "p-cpe:/a:mandriva:linux:libkdevelop3", "p-cpe:/a:mandriva:linux:libkdewebdev0", "p-cpe:/a:mandriva:linux:libkdewebdev0-kommander", "p-cpe:/a:mandriva:linux:libkjsembed1", "p-cpe:/a:mandriva:linux:libkjsembed1-devel", "p-cpe:/a:mandriva:linux:libsmokekde1", "p-cpe:/a:mandriva:linux:libsmokeqt1", "p-cpe:/a:mandriva:linux:lisa", "p-cpe:/a:mandriva:linux:mandriva-kde-config-common", "p-cpe:/a:mandriva:linux:mandriva-kde-translation", "p-cpe:/a:mandriva:linux:mandriva-kdm-config", "p-cpe:/a:mandriva:linux:nss_mdns", "p-cpe:/a:mandriva:linux:one-kde-config", "p-cpe:/a:mandriva:linux:perl-DCOP", "p-cpe:/a:mandriva:linux:powerpack-kde-config", "p-cpe:/a:mandriva:linux:ruby-qt", "p-cpe:/a:mandriva:linux:smoke-devel", "p-cpe:/a:mandriva:linux:task-kde", "p-cpe:/a:mandriva:linux:task-kde-devel", "p-cpe:/a:mandriva:linux:xsettings-kde", "cpe:/o:mandriva:linux:2008.0"], "id": "MANDRIVA_MDVSA-2009-346.NASL", "href": "https://www.tenable.com/plugins/nessus/43613", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:346. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43613);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2009-0146\",\n \"CVE-2009-0147\",\n \"CVE-2009-0165\",\n \"CVE-2009-0166\",\n \"CVE-2009-0689\",\n \"CVE-2009-0799\",\n \"CVE-2009-0800\",\n \"CVE-2009-1179\",\n \"CVE-2009-1180\",\n \"CVE-2009-1181\",\n \"CVE-2009-1182\",\n \"CVE-2009-1183\",\n \"CVE-2009-1687\",\n \"CVE-2009-1690\",\n \"CVE-2009-1698\",\n \"CVE-2009-1725\",\n \"CVE-2009-2537\",\n \"CVE-2009-2702\",\n \"CVE-2009-3603\",\n \"CVE-2009-3604\",\n \"CVE-2009-3605\",\n \"CVE-2009-3606\",\n \"CVE-2009-3608\",\n \"CVE-2009-3609\"\n );\n script_bugtraq_id(\n 34568,\n 35271,\n 35309,\n 35318,\n 35446,\n 35510,\n 36229,\n 36703\n );\n script_xref(name:\"MDVSA\", value:\"2009:346\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kde (MDVSA-2009:346)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mandriva Linux 2008.0 was released with KDE version 3.5.7.\n\nThis update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10,\nwhich brings many bugfixes, overall improvements and many security\nfixes.\n\nkdegraphics contains security fixes for\nCVE-2009-3603,3604,3605,3606,3608,3609,0146,0147,0165,0166,0799,0800,1\n179,1180,1181,1182,1183\n\nkdelibs contains security fixes for\nCVE-2009-0689,1687,1690,1698,2702,1725,2537\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/56485\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94, 119, 189, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:arts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:free-kde-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fribidi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:htdig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:htdig-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:htdig-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-csb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-en_GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-mn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-nds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-pa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-rw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-ss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-tg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-wa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde-i18n-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kde3-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaccessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaccessibility-kttsd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaccessibility-kttsd-akode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-akregator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-atlantik\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-kaddressbook-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-kate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-kfile-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-kicker-applets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-knewsticker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-konq-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-konqimagegallery\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-metabar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-renamedlg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeaddons-searchbar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeartwork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeartwork-icons-theme-Locolor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeartwork-icons-theme-ikons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeartwork-icons-theme-kdeclassic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeartwork-icons-theme-kids\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeartwork-icons-theme-slick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeartwork-screensavers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeartwork-screensavers-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-devel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kdeprintfax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kmenuedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-konsole\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-ksysguard\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-nsplugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-progs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-session-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeedu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegames\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kcolorchooser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kcoloredit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kfax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kiconedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kolourpaint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kruler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-ksnapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kuickshow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-mrmlsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdelibs-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdelibs-devel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia-arts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia-juk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia-kaboodle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia-kaudiocreator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia-kmid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia-kmix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia-krec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia-kscd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdemultimedia-noatun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-kdict\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-kget\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-knewsticker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-kopete\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-kopete-latex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-kppp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-kppp-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-krfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-ksirc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-ktalk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdenetwork-kwifimanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-akregator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-devel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-kaddressbook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-kandy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-karm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-kitchensync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-kmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-knode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-knotes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-kontact\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-korganizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-korn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-kpilot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-ktnef\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdepim-wizards\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdesdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdesdk-cervisia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdesdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdesdk-kbabel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdesdk-kcachegrind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdesdk-kompare\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdesdk-po2xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdesdk-umbrello\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdetoys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdetoys-kweather\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-ark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-kcalc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-kcharselect\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-kdessh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-kdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-kedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-kfloppy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-kgpg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-khexedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-kjots\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-klaptop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-kmilo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-ksim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-ktimer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-kwalletmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdeutils-superkaramba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdevelop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdevelop-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdewebdev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdewebdev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdewebdev-kfilereplace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdewebdev-kommander\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdewebdev-quanta-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kjsembed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ksig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64arts1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64arts1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64fribidi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64fribidi-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64fribidi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gwsoap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeaccessibility1-kttsd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeaccessibility1-kttsd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-kate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdecore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdecore4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeedu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeedu1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegames1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegames1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdemultimedia1-arts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdemultimedia1-arts-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdemultimedia1-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdemultimedia1-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdemultimedia1-noatun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdemultimedia1-noatun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdenetwork2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdenetwork2-kopete\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdepim2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdepim2-index\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdepim2-kaddressbook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdepim2-kitchensync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdepim2-kontact\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdepim2-korganizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdepim2-kpilot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdepim2-ktnef\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdepim2-qopensync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdesdk1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdesdk1-cervisia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdesdk1-kbabel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdetoys1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdetoys1-kweather\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeutils1-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeutils1-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeutils1-khexedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeutils1-klaptop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeutils1-kmilo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdeutils1-ksim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdevelop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdevelop3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdewebdev0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdewebdev0-kommander\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kjsembed1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kjsembed1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smokekde1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64smokeqt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libarts1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libarts1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libfribidi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libfribidi-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libfribidi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgwsoap0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeaccessibility1-kttsd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeaccessibility1-kttsd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-kate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdecore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdecore4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeedu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeedu1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegames1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegames1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kooka-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdemultimedia1-arts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdemultimedia1-arts-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdemultimedia1-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdemultimedia1-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdemultimedia1-noatun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdemultimedia1-noatun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdenetwork2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdenetwork2-kopete\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdepim2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdepim2-index\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdepim2-kaddressbook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdepim2-kitchensync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdepim2-kontact\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdepim2-korganizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdepim2-kpilot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdepim2-ktnef\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdepim2-qopensync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdesdk1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdesdk1-cervisia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdesdk1-kbabel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdetoys1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdetoys1-kweather\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeutils1-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeutils1-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeutils1-khexedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeutils1-klaptop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeutils1-kmilo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdeutils1-ksim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdevelop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdevelop3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdewebdev0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdewebdev0-kommander\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkjsembed1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkjsembed1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmokekde1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsmokeqt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lisa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mandriva-kde-config-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mandriva-kde-translation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mandriva-kdm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nss_mdns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:one-kde-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-DCOP\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:powerpack-kde-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:smoke-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:task-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:task-kde-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xsettings-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"arts-1.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"free-kde-config-2008.0-29.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"fribidi-0.19.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"htdig-3.2.0-1.12mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"htdig-devel-3.2.0-1.12mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"htdig-web-3.2.0-1.12mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-af-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-ar-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-az-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-be-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-bg-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-bn-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-br-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-bs-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-ca-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-cs-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-csb-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-cy-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-da-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-de-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-el-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-en_GB-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-eo-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-es-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-eu-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-fa-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-fi-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-fr-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-fy-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-ga-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-gl-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-he-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-hi-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-hr-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-hu-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-is-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-it-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-ja-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-kk-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-km-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-ko-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-lt-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-lv-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-mk-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-mn-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-ms-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-nb-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-nds-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-nl-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-nn-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-pa-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-pl-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-pt-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-pt_BR-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-ro-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-ru-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-rw-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-se-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-sk-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-sl-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-sr-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-ss-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-sv-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-ta-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-te-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-tg-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-th-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-tr-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-uk-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-uz-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-vi-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-wa-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-zh_CN-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde-i18n-zh_TW-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kde3-macros-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaccessibility-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaccessibility-kttsd-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaccessibility-kttsd-akode-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-akregator-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-atlantik-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-kaddressbook-plugins-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-kate-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-kfile-plugins-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-kicker-applets-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-knewsticker-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-konq-plugins-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-konqimagegallery-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-metabar-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-renamedlg-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeaddons-searchbar-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeartwork-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeartwork-icons-theme-Locolor-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeartwork-icons-theme-ikons-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeartwork-icons-theme-kdeclassic-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeartwork-icons-theme-kids-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeartwork-icons-theme-slick-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeartwork-screensavers-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeartwork-screensavers-gl-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-common-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-devel-doc-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-kate-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-kdeprintfax-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-kdm-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-kmenuedit-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-konsole-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-ksysguard-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-nsplugins-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-progs-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdebase-session-plugins-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeedu-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegames-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-common-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kcolorchooser-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kcoloredit-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kdvi-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kfax-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kghostview-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kiconedit-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kolourpaint-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kooka-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kpdf-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kpovmodeler-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kruler-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-ksnapshot-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-ksvg-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kuickshow-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-kview-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdegraphics-mrmlsearch-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdelibs-common-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdelibs-devel-doc-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-arts-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-juk-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-kaboodle-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-kaudiocreator-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-kmid-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-kmix-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-krec-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-kscd-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdemultimedia-noatun-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-kdict-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-kget-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-knewsticker-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-kopete-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-kopete-latex-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-kppp-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-kppp-provider-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-krfb-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-ksirc-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-ktalk-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdenetwork-kwifimanager-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-akregator-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-devel-doc-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-kaddressbook-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-kandy-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-karm-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-kitchensync-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-kmail-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-knode-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-knotes-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-kontact-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-korganizer-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-korn-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-kpilot-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-ktnef-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdepim-wizards-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdesdk-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdesdk-cervisia-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdesdk-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdesdk-kbabel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdesdk-kcachegrind-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdesdk-kompare-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdesdk-po2xml-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdesdk-umbrello-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdetoys-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdetoys-kweather-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-ark-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-kcalc-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-kcharselect-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-kdessh-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-kdf-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-kedit-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-kfloppy-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-kgpg-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-khexedit-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-kjots-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-klaptop-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-kmilo-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-ksim-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-ktimer-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-kwalletmanager-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdeutils-superkaramba-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdevelop-3.5.4-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdevelop-doc-3.5.4-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdewebdev-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdewebdev-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdewebdev-kfilereplace-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdewebdev-kommander-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kdewebdev-quanta-doc-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"kjsembed-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ksig-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64arts1-1.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64arts1-devel-1.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64fribidi-devel-0.19.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64fribidi-static-devel-0.19.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64fribidi0-0.19.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64gwsoap0-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdeaccessibility1-kttsd-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdeaccessibility1-kttsd-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdebase4-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdebase4-devel-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdebase4-kate-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdecore4-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdecore4-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdeedu-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdeedu1-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegames1-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegames1-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-common-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-common-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kghostview-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kghostview-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kooka-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kooka-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kpovmodeler-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kpovmodeler-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-ksvg-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-ksvg-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kview-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kview-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdemultimedia1-arts-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdemultimedia1-arts-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdemultimedia1-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdemultimedia1-common-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdemultimedia1-noatun-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdemultimedia1-noatun-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdenetwork2-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdenetwork2-kopete-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdepim2-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdepim2-index-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdepim2-kaddressbook-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdepim2-kitchensync-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdepim2-kontact-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdepim2-korganizer-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdepim2-kpilot-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdepim2-ktnef-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdepim2-qopensync-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdesdk1-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdesdk1-cervisia-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdesdk1-kbabel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdetoys1-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdetoys1-kweather-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdeutils1-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdeutils1-common-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdeutils1-khexedit-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdeutils1-klaptop-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdeutils1-kmilo-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdeutils1-ksim-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdevelop-devel-3.5.4-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdevelop3-3.5.4-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdewebdev0-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kdewebdev0-kommander-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kjsembed1-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64kjsembed1-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64smokekde1-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64smokeqt1-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libarts1-1.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libarts1-devel-1.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libfribidi-devel-0.19.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libfribidi-static-devel-0.19.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libfribidi0-0.19.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libgwsoap0-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdeaccessibility1-kttsd-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdeaccessibility1-kttsd-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdebase4-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdebase4-devel-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdebase4-kate-3.5.10-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdecore4-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdecore4-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdeedu-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdeedu1-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegames1-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegames1-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-common-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-common-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-kghostview-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-kghostview-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-kooka-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-kooka-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-kpovmodeler-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-kpovmodeler-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-ksvg-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-ksvg-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-kview-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdegraphics0-kview-devel-3.5.10-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdemultimedia1-arts-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdemultimedia1-arts-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdemultimedia1-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdemultimedia1-common-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdemultimedia1-noatun-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdemultimedia1-noatun-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdenetwork2-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdenetwork2-kopete-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdepim2-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdepim2-index-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdepim2-kaddressbook-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdepim2-kitchensync-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdepim2-kontact-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdepim2-korganizer-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdepim2-kpilot-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdepim2-ktnef-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdepim2-qopensync-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdesdk1-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdesdk1-cervisia-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdesdk1-kbabel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdetoys1-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdetoys1-kweather-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdeutils1-common-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdeutils1-common-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdeutils1-khexedit-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdeutils1-klaptop-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdeutils1-kmilo-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdeutils1-ksim-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdevelop-devel-3.5.4-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdevelop3-3.5.4-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdewebdev0-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkdewebdev0-kommander-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkjsembed1-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkjsembed1-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libsmokekde1-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libsmokeqt1-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"lisa-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mandriva-kde-config-common-2008.0-29.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mandriva-kde-translation-2009.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mandriva-kdm-config-2008.0-29.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"nss_mdns-0.10-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"one-kde-config-2008.0-29.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"perl-DCOP-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"powerpack-kde-config-2008.0-29.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ruby-qt-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"smoke-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"task-kde-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"task-kde-devel-3.5.10-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xsettings-kde-0.6-1.1mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-16T14:07:03", "description": "Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685, CVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689, CVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693, CVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697, CVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701, CVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714, CVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725, CVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419, CVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272, CVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315, CVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029, CVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386, CVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760, CVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764, CVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791, CVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264, CVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301, CVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0945", "CVE-2009-1681", "CVE-2009-1684", "CVE-2009-1685", "CVE-2009-1686", "CVE-2009-1687", "CVE-2009-1688", "CVE-2009-1689", "CVE-2009-1690", "CVE-2009-1691", "CVE-2009-1692", "CVE-2009-1693", "CVE-2009-1694", "CVE-2009-1695", "CVE-2009-1696", "CVE-2009-1697", "CVE-2009-1698", "CVE-2009-1699", "CVE-2009-1700", "CVE-2009-1701", "CVE-2009-1702", "CVE-2009-1703", "CVE-2009-1709", "CVE-2009-1710", "CVE-2009-1711", "CVE-2009-1712", "CVE-2009-1713", "CVE-2009-1714", "CVE-2009-1715", "CVE-2009-1718", "CVE-2009-1724", "CVE-2009-1725", "CVE-2009-2195", "CVE-2009-2199", "CVE-2009-2200", "CVE-2009-2419", "CVE-2009-2797", "CVE-2009-2816", "CVE-2009-2841", "CVE-2009-3272", "CVE-2009-3384", "CVE-2009-3933", "CVE-2009-3934", "CVE-2010-0046", "CVE-2010-0047", "CVE-2010-0048", "CVE-2010-0049", "CVE-2010-0050", "CVE-2010-0051", "CVE-2010-0052", "CVE-2010-0053", "CVE-2010-0054", "CVE-2010-0315", "CVE-2010-0647", "CVE-2010-0650", "CVE-2010-0651", "CVE-2010-0656", "CVE-2010-0659", "CVE-2010-0661", "CVE-2010-1029", "CVE-2010-1126", "CVE-2010-1233", "CVE-2010-1236", "CVE-2010-1386", "CVE-2010-1387", "CVE-2010-1388", "CVE-2010-1389", "CVE-2010-1390", "CVE-2010-1391", "CVE-2010-1392", "CVE-2010-1393", "CVE-2010-1394", "CVE-2010-1395", "CVE-2010-1396", "CVE-2010-1397", "CVE-2010-1398", "CVE-2010-1399", "CVE-2010-1400", "CVE-2010-1401", "CVE-2010-1402", "CVE-2010-1403", "CVE-2010-1404", "CVE-2010-1405", "CVE-2010-1406", "CVE-2010-1407", "CVE-2010-1408", "CVE-2010-1409", "CVE-2010-1410", "CVE-2010-1412", "CVE-2010-1413", "CVE-2010-1414", "CVE-2010-1415", "CVE-2010-1416", "CVE-2010-1417", "CVE-2010-1418", "CVE-2010-1419", "CVE-2010-1421", "CVE-2010-1422", "CVE-2010-1729", "CVE-2010-1749", "CVE-2010-1757", "CVE-2010-1758", "CVE-2010-1759", "CVE-2010-1760", "CVE-2010-1761", "CVE-2010-1762", "CVE-2010-1763", "CVE-2010-1764", "CVE-2010-1766", "CVE-2010-1767", "CVE-2010-1769", "CVE-2010-1770", "CVE-2010-1771", "CVE-2010-1772", "CVE-2010-1773", "CVE-2010-1774", "CVE-2010-1780", "CVE-2010-1781", "CVE-2010-1782", "CVE-2010-1783", "CVE-2010-1784", "CVE-2010-1785", "CVE-2010-1786", "CVE-2010-1787", "CVE-2010-1788", "CVE-2010-1789", "CVE-2010-1790", "CVE-2010-1791", "CVE-2010-1792", "CVE-2010-1793", "CVE-2010-1807", "CVE-2010-1812", "CVE-2010-1813", "CVE-2010-1814", "CVE-2010-1815", "CVE-2010-1822", "CVE-2010-1823", "CVE-2010-1824", "CVE-2010-1825", "CVE-2010-2264", "CVE-2010-2295", "CVE-2010-2297", "CVE-2010-2300", "CVE-2010-2301", "CVE-2010-2302", "CVE-2010-2441", "CVE-2010-3116", "CVE-2010-3257", "CVE-2010-3259", "CVE-2010-3312", "CVE-2010-3803", "CVE-2010-3804", "CVE-2010-3805", "CVE-2010-3808", "CVE-2010-3809", "CVE-2010-3810", "CVE-2010-3811", "CVE-2010-3812", "CVE-2010-3813", "CVE-2010-3816", "CVE-2010-3817", "CVE-2010-3818", "CVE-2010-3819", "CVE-2010-3820", "CVE-2010-3821", "CVE-2010-3822", "CVE-2010-3823", "CVE-2010-3824", "CVE-2010-3826", "CVE-2010-3829", "CVE-2010-3900", "CVE-2010-4040"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwebkit-1_0-2", "p-cpe:/a:novell:opensuse:libwebkit-1_0-2-32bit", "p-cpe:/a:novell:opensuse:libwebkit-devel", "p-cpe:/a:novell:opensuse:libwebkit-lang", "p-cpe:/a:novell:opensuse:webkit-jsc", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_LIBWEBKIT-110104.NASL", "href": "https://www.tenable.com/plugins/nessus/75629", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libwebkit-3787.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75629);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1681\", \"CVE-2009-1684\", \"CVE-2009-1685\", \"CVE-2009-1686\", \"CVE-2009-1687\", \"CVE-2009-1688\", \"CVE-2009-1689\", \"CVE-2009-1690\", \"CVE-2009-1691\", \"CVE-2009-1692\", \"CVE-2009-1693\", \"CVE-2009-1694\", \"CVE-2009-1695\", \"CVE-2009-1696\", \"CVE-2009-1697\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1700\", \"CVE-2009-1701\", \"CVE-2009-1702\", \"CVE-2009-1703\", \"CVE-2009-1709\", \"CVE-2009-1710\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1714\", \"CVE-2009-1715\", \"CVE-2009-1718\", \"CVE-2009-1724\", \"CVE-2009-1725\", \"CVE-2009-2195\", \"CVE-2009-2199\", \"CVE-2009-2200\", \"CVE-2009-2419\", \"CVE-2009-2797\", \"CVE-2009-2816\", \"CVE-2009-2841\", \"CVE-2009-3272\", \"CVE-2009-3384\", \"CVE-2009-3933\", \"CVE-2009-3934\", \"CVE-2010-0046\", \"CVE-2010-0047\", \"CVE-2010-0048\", \"CVE-2010-0049\", \"CVE-2010-0050\", \"CVE-2010-0051\", \"CVE-2010-0052\", \"CVE-2010-0053\", \"CVE-2010-0054\", \"CVE-2010-0315\", \"CVE-2010-0647\", \"CVE-2010-0650\", \"CVE-2010-0651\", \"CVE-2010-0656\", \"CVE-2010-0659\", \"CVE-2010-0661\", \"CVE-2010-1029\", \"CVE-2010-1126\", \"CVE-2010-1233\", \"CVE-2010-1236\", \"CVE-2010-1386\", \"CVE-2010-1387\", \"CVE-2010-1388\", \"CVE-2010-1389\", \"CVE-2010-1390\", \"CVE-2010-1391\", \"CVE-2010-1392\", \"CVE-2010-1393\", \"CVE-2010-1394\", \"CVE-2010-1395\", \"CVE-2010-1396\", \"CVE-2010-1397\", \"CVE-2010-1398\", \"CVE-2010-1399\", \"CVE-2010-1400\", \"CVE-2010-1401\", \"CVE-2010-1402\", \"CVE-2010-1403\", \"CVE-2010-1404\", \"CVE-2010-1405\", \"CVE-2010-1406\", \"CVE-2010-1407\", \"CVE-2010-1408\", \"CVE-2010-1409\", \"CVE-2010-1410\", \"CVE-2010-1412\", \"CVE-2010-1413\", \"CVE-2010-1414\", \"CVE-2010-1415\", \"CVE-2010-1416\", \"CVE-2010-1417\", \"CVE-2010-1418\", \"CVE-2010-1419\", \"CVE-2010-1421\", \"CVE-2010-1422\", \"CVE-2010-1729\", \"CVE-2010-1749\", \"CVE-2010-1757\", \"CVE-2010-1758\", \"CVE-2010-1759\", \"CVE-2010-1760\", \"CVE-2010-1761\", \"CVE-2010-1762\", \"CVE-2010-1763\", \"CVE-2010-1764\", \"CVE-2010-1766\", \"CVE-2010-1767\", \"CVE-2010-1769\", \"CVE-2010-1770\", \"CVE-2010-1771\", \"CVE-2010-1772\", \"CVE-2010-1773\", \"CVE-2010-1774\", \"CVE-2010-1780\", \"CVE-2010-1781\", \"CVE-2010-1782\", \"CVE-2010-1783\", \"CVE-2010-1784\", \"CVE-2010-1785\", \"CVE-2010-1786\", \"CVE-2010-1787\", \"CVE-2010-1788\", \"CVE-2010-1789\", \"CVE-2010-1790\", \"CVE-2010-1791\", \"CVE-2010-1792\", \"CVE-2010-1793\", \"CVE-2010-1807\", \"CVE-2010-1812\", \"CVE-2010-1813\", \"CVE-2010-1814\", \"CVE-2010-1815\", \"CVE-2010-1822\", \"CVE-2010-1823\", \"CVE-2010-1824\", \"CVE-2010-1825\", \"CVE-2010-2264\", \"CVE-2010-2295\", \"CVE-2010-2297\", \"CVE-2010-2300\", \"CVE-2010-2301\", \"CVE-2010-2302\", \"CVE-2010-2441\", \"CVE-2010-3116\", \"CVE-2010-3257\", \"CVE-2010-3259\", \"CVE-2010-3312\", \"CVE-2010-3803\", \"CVE-2010-3804\", \"CVE-2010-3805\", \"CVE-2010-3808\", \"CVE-2010-3809\", \"CVE-2010-3810\", \"CVE-2010-3811\", \"CVE-2010-3812\", \"CVE-2010-3813\", \"CVE-2010-3816\", \"CVE-2010-3817\", \"CVE-2010-3818\", \"CVE-2010-3819\", \"CVE-2010-3820\", \"CVE-2010-3821\", \"CVE-2010-3822\", \"CVE-2010-3823\", \"CVE-2010-3824\", \"CVE-2010-3826\", \"CVE-2010-3829\", \"CVE-2010-3900\");\n\n script_name(english:\"openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)\");\n script_summary(english:\"Check for the libwebkit-3787 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=601349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwebkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 79, 94, 119, 189, 200, 264, 310, 352, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-1_0-2-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-devel-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-lang-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"webkit-jsc-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libwebkit-1_0-2-32bit-1.2.6-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwebkit-1_0-2 / libwebkit-1_0-2-32bit / libwebkit-devel / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:50:00", "description": "Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685, CVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689, CVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693, CVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697, CVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701, CVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714, CVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725, CVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419, CVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272, CVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315, CVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029, CVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386, CVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760, CVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764, CVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791, CVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264, CVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301, CVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040", "cvss3": {"score": null, "vector": null}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0945", "CVE-2009-1681", "CVE-2009-1684", "CVE-2009-1685", "CVE-2009-1686", "CVE-2009-1687", "CVE-2009-1688", "CVE-2009-1689", "CVE-2009-1690", "CVE-2009-1691", "CVE-2009-1692", "CVE-2009-1693", "CVE-2009-1694", "CVE-2009-1695", "CVE-2009-1696", "CVE-2009-1697", "CVE-2009-1698", "CVE-2009-1699", "CVE-2009-1700", "CVE-2009-1701", "CVE-2009-1702", "CVE-2009-1703", "CVE-2009-1709", "CVE-2009-1710", "CVE-2009-1711", "CVE-2009-1712", "CVE-2009-1713", "CVE-2009-1714", "CVE-2009-1715", "CVE-2009-1718", "CVE-2009-1724", "CVE-2009-1725", "CVE-2009-2195", "CVE-2009-2199", "CVE-2009-2200", "CVE-2009-2419", "CVE-2009-2797", "CVE-2009-2816", "CVE-2009-2841", "CVE-2009-3272", "CVE-2009-3384", "CVE-2009-3933", "CVE-2009-3934", "CVE-2010-0046", "CVE-2010-0047", "CVE-2010-0048", "CVE-2010-0049", "CVE-2010-0050", "CVE-2010-0051", "CVE-2010-0052", "CVE-2010-0053", "CVE-2010-0054", "CVE-2010-0315", "CVE-2010-0647", "CVE-2010-0650", "CVE-2010-0651", "CVE-2010-0656", "CVE-2010-0659", "CVE-2010-0661", "CVE-2010-1029", "CVE-2010-1126", "CVE-2010-1233", "CVE-2010-1236", "CVE-2010-1386", "CVE-2010-1387", "CVE-2010-1388", "CVE-2010-1389", "CVE-2010-1390", "CVE-2010-1391", "CVE-2010-1392", "CVE-2010-1393", "CVE-2010-1394", "CVE-2010-1395", "CVE-2010-1396", "CVE-2010-1397", "CVE-2010-1398", "CVE-2010-1399", "CVE-2010-1400", "CVE-2010-1401", "CVE-2010-1402", "CVE-2010-1403", "CVE-2010-1404", "CVE-2010-1405", "CVE-2010-1406", "CVE-2010-1407", "CVE-2010-1408", "CVE-2010-1409", "CVE-2010-1410", "CVE-2010-1412", "CVE-2010-1413", "CVE-2010-1414", "CVE-2010-1415", "CVE-2010-1416", "CVE-2010-1417", "CVE-2010-1418", "CVE-2010-1419", "CVE-2010-1421", "CVE-2010-1422", "CVE-2010-1729", "CVE-2010-1749", "CVE-2010-1757", "CVE-2010-1758", "CVE-2010-1759", "CVE-2010-1760", "CVE-2010-1761", "CVE-2010-1762", "CVE-2010-1763", "CVE-2010-1764", "CVE-2010-1766", "CVE-2010-1767", "CVE-2010-1769", "CVE-2010-1770", "CVE-2010-1771", "CVE-2010-1772", "CVE-2010-1773", "CVE-2010-1774", "CVE-2010-1780", "CVE-2010-1781", "CVE-2010-1782", "CVE-2010-1783", "CVE-2010-1784", "CVE-2010-1785", "CVE-2010-1786", "CVE-2010-1787", "CVE-2010-1788", "CVE-2010-1789", "CVE-2010-1790", "CVE-2010-1791", "CVE-2010-1792", "CVE-2010-1793", "CVE-2010-1807", "CVE-2010-1812", "CVE-2010-1813", "CVE-2010-1814", "CVE-2010-1815", "CVE-2010-1822", "CVE-2010-1823", "CVE-2010-1824", "CVE-2010-1825", "CVE-2010-2264", "CVE-2010-2295", "CVE-2010-2297", "CVE-2010-2300", "CVE-2010-2301", "CVE-2010-2302", "CVE-2010-2441", "CVE-2010-3116", "CVE-2010-3257", "CVE-2010-3259", "CVE-2010-3312", "CVE-2010-3803", "CVE-2010-3804", "CVE-2010-3805", "CVE-2010-3808", "CVE-2010-3809", "CVE-2010-3810", "CVE-2010-3811", "CVE-2010-3812", "CVE-2010-3813", "CVE-2010-3816", "CVE-2010-3817", "CVE-2010-3818", "CVE-2010-3819", "CVE-2010-3820", "CVE-2010-3821", "CVE-2010-3822", "CVE-2010-3823", "CVE-2010-3824", "CVE-2010-3826", "CVE-2010-3829", "CVE-2010-3900", "CVE-2010-4040"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwebkit-1_0-2", "p-cpe:/a:novell:opensuse:libwebkit-devel", "p-cpe:/a:novell:opensuse:libwebkit-lang", "p-cpe:/a:novell:opensuse:webkit-jsc", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_LIBWEBKIT-110111.NASL", "href": "https://www.tenable.com/plugins/nessus/53764", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libwebkit-3787.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53764);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1681\", \"CVE-2009-1684\", \"CVE-2009-1685\", \"CVE-2009-1686\", \"CVE-2009-1687\", \"CVE-2009-1688\", \"CVE-2009-1689\", \"CVE-2009-1690\", \"CVE-2009-1691\", \"CVE-2009-1692\", \"CVE-2009-1693\", \"CVE-2009-1694\", \"CVE-2009-1695\", \"CVE-2009-1696\", \"CVE-2009-1697\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1700\", \"CVE-2009-1701\", \"CVE-2009-1702\", \"CVE-2009-1703\", \"CVE-2009-1709\", \"CVE-2009-1710\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1714\", \"CVE-2009-1715\", \"CVE-2009-1718\", \"CVE-2009-1724\", \"CVE-2009-1725\", \"CVE-2009-2195\", \"CVE-2009-2199\", \"CVE-2009-2200\", \"CVE-2009-2419\", \"CVE-2009-2797\", \"CVE-2009-2816\", \"CVE-2009-2841\", \"CVE-2009-3272\", \"CVE-2009-3384\", \"CVE-2009-3933\", \"CVE-2009-3934\", \"CVE-2010-0046\", \"CVE-2010-0047\", \"CVE-2010-0048\", \"CVE-2010-0049\", \"CVE-2010-0050\", \"CVE-2010-0051\", \"CVE-2010-0052\", \"CVE-2010-0053\", \"CVE-2010-0054\", \"CVE-2010-0315\", \"CVE-2010-0647\", \"CVE-2010-0650\", \"CVE-2010-0651\", \"CVE-2010-0656\", \"CVE-2010-0659\", \"CVE-2010-0661\", \"CVE-2010-1029\", \"CVE-2010-1126\", \"CVE-2010-1233\", \"CVE-2010-1236\", \"CVE-2010-1386\", \"CVE-2010-1387\", \"CVE-2010-1388\", \"CVE-2010-1389\", \"CVE-2010-1390\", \"CVE-2010-1391\", \"CVE-2010-1392\", \"CVE-2010-1393\", \"CVE-2010-1394\", \"CVE-2010-1395\", \"CVE-2010-1396\", \"CVE-2010-1397\", \"CVE-2010-1398\", \"CVE-2010-1399\", \"CVE-2010-1400\", \"CVE-2010-1401\", \"CVE-2010-1402\", \"CVE-2010-1403\", \"CVE-2010-1404\", \"CVE-2010-1405\", \"CVE-2010-1406\", \"CVE-2010-1407\", \"CVE-2010-1408\", \"CVE-2010-1409\", \"CVE-2010-1410\", \"CVE-2010-1412\", \"CVE-2010-1413\", \"CVE-2010-1414\", \"CVE-2010-1415\", \"CVE-2010-1416\", \"CVE-2010-1417\", \"CVE-2010-1418\", \"CVE-2010-1419\", \"CVE-2010-1421\", \"CVE-2010-1422\", \"CVE-2010-1729\", \"CVE-2010-1749\", \"CVE-2010-1757\", \"CVE-2010-1758\", \"CVE-2010-1759\", \"CVE-2010-1760\", \"CVE-2010-1761\", \"CVE-2010-1762\", \"CVE-2010-1763\", \"CVE-2010-1764\", \"CVE-2010-1766\", \"CVE-2010-1767\", \"CVE-2010-1769\", \"CVE-2010-1770\", \"CVE-2010-1771\", \"CVE-2010-1772\", \"CVE-2010-1773\", \"CVE-2010-1774\", \"CVE-2010-1780\", \"CVE-2010-1781\", \"CVE-2010-1782\", \"CVE-2010-1783\", \"CVE-2010-1784\", \"CVE-2010-1785\", \"CVE-2010-1786\", \"CVE-2010-1787\", \"CVE-2010-1788\", \"CVE-2010-1789\", \"CVE-2010-1790\", \"CVE-2010-1791\", \"CVE-2010-1792\", \"CVE-2010-1793\", \"CVE-2010-1807\", \"CVE-2010-1812\", \"CVE-2010-1813\", \"CVE-2010-1814\", \"CVE-2010-1815\", \"CVE-2010-1822\", \"CVE-2010-1823\", \"CVE-2010-1824\", \"CVE-2010-1825\", \"CVE-2010-2264\", \"CVE-2010-2295\", \"CVE-2010-2297\", \"CVE-2010-2300\", \"CVE-2010-2301\", \"CVE-2010-2302\", \"CVE-2010-2441\", \"CVE-2010-3116\", \"CVE-2010-3257\", \"CVE-2010-3259\", \"CVE-2010-3312\", \"CVE-2010-3803\", \"CVE-2010-3804\", \"CVE-2010-3805\", \"CVE-2010-3808\", \"CVE-2010-3809\", \"CVE-2010-3810\", \"CVE-2010-3811\", \"CVE-2010-3812\", \"CVE-2010-3813\", \"CVE-2010-3816\", \"CVE-2010-3817\", \"CVE-2010-3818\", \"CVE-2010-3819\", \"CVE-2010-3820\", \"CVE-2010-3821\", \"CVE-2010-3822\", \"CVE-2010-3823\", \"CVE-2010-3824\", \"CVE-2010-3826\", \"CVE-2010-3829\", \"CVE-2010-3900\");\n\n script_name(english:\"openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)\");\n script_summary(english:\"Check for the libwebkit-3787 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=601349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwebkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 79, 94, 119, 189, 200, 264, 310, 352, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-1_0-2-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-devel-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-lang-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"webkit-jsc-1.2.6-0.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwebkit-1_0-2 / libwebkit-devel / libwebkit-lang / webkit-jsc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2022-02-25T23:56:41", "description": "It was discovered that Qt did not properly handle certificates with NULL \ncharacters in the Subject Alternative Name field of X.509 certificates. An \nattacker could exploit this to perform a machine-in-the-middle attack to view \nsensitive information or alter encrypted communications. (CVE-2009-2700)\n", "cvss3": {}, "published": "2009-09-10T00:00:00", "type": "ubuntu", "title": "Qt vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2700"], "modified": "2009-09-10T00:00:00", "id": "USN-829-1", "href": "https://ubuntu.com/security/notices/USN-829-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-01-04T13:25:03", "description": "It was discovered that WebKit did not properly handle certain SVGPathList \ndata structures. If a user were tricked into viewing a malicious website, \nan attacker could exploit this to execute arbitrary code with the \nprivileges of the user invoking the program. (CVE-2009-0945)\n\nSeveral flaws were discovered in the WebKit browser and JavaScript engines. \nIf a user were tricked into viewing a malicious website, a remote attacker \ncould cause a denial of service or possibly execute arbitrary code with the \nprivileges of the user invoking the program. (CVE-2009-1687, CVE-2009-1690, \nCVE-2009-1698, CVE-2009-1711, CVE-2009-1725)\n\nIt was discovered that WebKit did not prevent the loading of local Java \napplets. If a user were tricked into viewing a malicious website, \nan attacker could exploit this to execute arbitrary code with the \nprivileges of the user invoking the program. (CVE-2009-1712)\n", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "ubuntu", "title": "WebKit vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1687", "CVE-2009-1711", "CVE-2009-1690", "CVE-2009-1725", "CVE-2009-1712", "CVE-2009-1698", "CVE-2009-0945"], "modified": "2009-09-23T00:00:00", "id": "USN-836-1", "href": "https://ubuntu.com/security/notices/USN-836-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:23:52", "description": "It was discovered that QtWebKit did not properly handle certain SVGPathList \ndata structures. If a user were tricked into viewing a malicious website, \nan attacker could exploit this to execute arbitrary code with the \nprivileges of the user invoking the program. (CVE-2009-0945)\n\nSeveral flaws were discovered in the QtWebKit browser and JavaScript \nengines. If a user were tricked into viewing a malicious website, a remote \nattacker could cause a denial of service or possibly execute arbitrary code \nwith the privileges of the user invoking the program. (CVE-2009-1687, \nCVE-2009-1690, CVE-2009-1698, CVE-2009-1711, CVE-2009-1725)\n\nIt was discovered that QtWebKit did not properly handle certain XSL \nstylesheets. If a user were tricked into viewing a malicious website, \nan attacker could exploit this to read arbitrary local files, and possibly \nfiles from different security zones. (CVE-2009-1699, CVE-2009-1713)\n\nIt was discovered that QtWebKit did not prevent the loading of local Java \napplets. If a user were tricked into viewing a malicious website, an \nattacker could exploit this to execute arbitrary code with the privileges \nof the user invoking the program. (CVE-2009-1712)\n", "cvss3": {}, "published": "2009-11-10T00:00:00", "type": "ubuntu", "title": "Qt vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1687", "CVE-2009-1711", "CVE-2009-1690", "CVE-2009-1699", "CVE-2009-1725", "CVE-2009-1712", "CVE-2009-1698", "CVE-2009-0945", "CVE-2009-1713"], "modified": "2009-11-10T00:00:00", "id": "USN-857-1", "href": "https://ubuntu.com/security/notices/USN-857-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:59:29", "description": "src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not\nproperly handle a '\\0' character in a domain name in the Subject\nAlternative Name field of an X.509 certificate, which allows\nman-in-the-middle attackers to spoof arbitrary SSL servers via a crafted\ncertificate issued by a legitimate Certification Authority, a related issue\nto CVE-2009-2408.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "ubuntucve", "title": "CVE-2009-2700", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2700"], "modified": "2009-09-02T00:00:00", "id": "UB:CVE-2009-2700", "href": "https://ubuntu.com/security/CVE-2009-2700", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-11-22T21:59:36", "description": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1,\niPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in\nkdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do\nnot properly handle numeric character references, which allows remote\nattackers to execute arbitrary code or cause a denial of service (memory\ncorruption and application crash) via a crafted HTML document.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1725>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538347>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538346>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | PoC: http://trac.webkit.org/browser/trunk/LayoutTests/fast/parser/eightdigithexentity.html?rev=44799&amp;format=txt expected output: http://trac.webkit.org/browser/trunk/LayoutTests/fast/parser/eightdigithexentity-expected.txt?rev=44799&amp;format=txt direct link: http://trac.webkit.org/export/46476/trunk/LayoutTests/fast/parser/eightdigithexentity.html as per RH bug, in kde4libs, this is a rendering bug, not a security bug\n", "cvss3": {}, "published": "2009-07-09T00:00:00", "type": "ubuntucve", "title": "CVE-2009-1725", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1725"], "modified": "2009-07-09T00:00:00", "id": "UB:CVE-2009-1725", "href": "https://ubuntu.com/security/CVE-2009-1725", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T21:27:20", "description": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.", "cvss3": {}, "published": "2009-07-09T17:30:00", "type": "cve", "title": "CVE-2009-1725", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1725"], "modified": "2017-09-29T01:34:00", "cpe": ["cpe:/a:apple:safari:2.0.0", "cpe:/a:apple:safari:3.0.0", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/a:apple:safari:2.0", "cpe:/a:apple:safari:3.2.1", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.1.0", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/h:apple:iphone:*", "cpe:/a:apple:safari:2.0.4", "cpe:/a:apple:safari:3.0.3b", "cpe:/o:apple:iphone_os:2.2", "cpe:/a:apple:safari:3.0.4b", "cpe:/a:apple:safari:4.0.0b", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/a:apple:safari:3.0.3", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/a:apple:safari:3.0.4", "cpe:/a:apple:safari:3.2.2", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/a:apple:safari:2.0.3", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/a:apple:safari:3.0.0b", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/h:apple:ipod_touch:*", "cpe:/a:apple:safari:4.0", "cpe:/a:apple:safari:3.1.1", "cpe:/a:apple:safari:3.1.2", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/a:apple:safari:2.0.2", "cpe:/a:apple:safari:3.0.1", "cpe:/a:apple:safari:4.0.1", "cpe:/a:apple:safari:3.0.2b", "cpe:/o:apple:iphone_os:3.1", "cpe:/a:apple:safari:3.0.2", "cpe:/a:apple:safari:2.0.1", "cpe:/o:apple:iphone_os:3.0", "cpe:/o:apple:iphone_os:2.0", "cpe:/a:apple:safari:3.0.1b", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/a:apple:safari:3.1.0b", "cpe:/a:apple:safari:3.0", "cpe:/o:apple:iphone_os:2.1", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/a:apple:safari:3.2.0", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/a:apple:safari:3.1.0"], "id": "CVE-2009-1725", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1725", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1:beta:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*", "cpe:2.3:h:apple:iphone:*:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T21:31:40", "description": "src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.", "cvss3": {}, "published": "2009-09-02T17:30:00", "type": "cve", "title": "CVE-2009-2700", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408", "CVE-2009-2700"], "modified": "2021-06-16T12:43:00", "cpe": ["cpe:/a:qt:qt:4.5.2", "cpe:/a:qt:qt:4.3.3", "cpe:/a:qt:qt:4.8.2", "cpe:/a:qt:qt:4.3.0", "cpe:/a:qt:qt:4.0.1", "cpe:/a:qt:qt:4.1.4", "cpe:/a:qt:qt:4.5.3", "cpe:/a:qt:qt:4.2.1", "cpe:/a:qt:qt:4.8.1", "cpe:/a:qt:qt:4.0.0", "cpe:/a:qt:qt:4.8.0", "cpe:/a:qt:qt:4.6.1", "cpe:/a:qt:qt:4.7.4", "cpe:/a:qt:qt:4.4.2", "cpe:/a:qt:qt:4.8.3", "cpe:/a:qt:qt:4.1.3", "cpe:/a:qt:qt:4.4.0", "cpe:/a:qt:qt:4.2.3", "cpe:/a:qt:qt:4.7.5", "cpe:/a:qt:qt:4.6.3", "cpe:/a:qt:qt:4.7.2", "cpe:/a:qt:qt:4.6.2", "cpe:/a:qt:qt:4.1.0", "cpe:/a:qt:qt:4.4.3", "cpe:/a:qt:qt:4.6.4", "cpe:/a:qt:qt:4.3.2", "cpe:/a:qt:qt:4.4.1", "cpe:/a:qt:qt:4.2.0", "cpe:/a:qt:qt:4.1.2", "cpe:/a:qt:qt:4.7.3", "cpe:/a:qt:qt:4.1.1", "cpe:/a:qt:qt:4.3.4", "cpe:/a:qt:qt:4.6.0", "cpe:/a:qt:qt:4.7.0", "cpe:/a:qt:qt:4.8.4", "cpe:/a:qt:qt:4.1.5", "cpe:/a:qt:qt:4.3.5", "cpe:/a:qt:qt:4.7.1", "cpe:/a:qt:qt:4.5.1", "cpe:/a:qt:qt:4.5.0", "cpe:/a:qt:qt:4.3.1"], "id": "CVE-2009-2700", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2700", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:qt:qt:4.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:qt:qt:4.8.2:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2021-12-14T17:49:31", "description": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.", "cvss3": {}, "published": "2009-07-09T17:30:00", "type": "debiancve", "title": "CVE-2009-1725", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1725"], "modified": "2009-07-09T17:30:00", "id": "DEBIANCVE:CVE-2009-1725", "href": "https://security-tracker.debian.org/tracker/CVE-2009-1725", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-17T19:33:13", "description": "src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.", "cvss3": {}, "published": "2009-09-02T17:30:00", "type": "debiancve", "title": "CVE-2009-2700", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408", "CVE-2009-2700"], "modified": "2009-09-02T17:30:00", "id": "DEBIANCVE:CVE-2009-2700", "href": "https://security-tracker.debian.org/tracker/CVE-2009-2700", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2022-01-11T11:36:17", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1988-1 security@debian.org\nhttp://www.debian.org/security/ Giuseppe Iuculano\nFebruary 02, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackages : qt4-x11\nVulnerability : several vulnerabilities\nProblem type : local (remote)\nDebian-specific: no\nCVE Ids : CVE-2009-0945 CVE-2009-1687 CVE-2009-1690 CVE-2009-1698\n CVE-2009-1699 CVE-2009-1711 CVE-2009-1712 CVE-2009-1713\n CVE-2009-1725 CVE-2009-2700\nDebian Bugs : 532718 534946 538347 545793\n\n\nSeveral vulnerabilities have been discovered in qt4-x11, a cross-platform\nC++ application framework.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2009-0945\n\nArray index error in the insertItemBefore method in WebKit, as used in qt4-x11,\nallows remote attackers to execute arbitrary code.\n\n\nCVE-2009-1687\n\nThe JavaScript garbage collector in WebKit, as used in qt4-x11 does not\nproperly handle allocation failures, which allows remote attackers to\nexecute arbitrary code or cause a denial of service (memory corruption\nand application crash) via a crafted HTML document that triggers write\naccess to an &quot;offset of a NULL pointer.\n\n\nCVE-2009-1690\n\nUse-after-free vulnerability in WebKit, as used in qt4-x11, allows remote\nattackers to execute arbitrary code or cause a denial of service (memory\ncorruption and application crash) by setting an unspecified property of\nan HTML tag that causes child elements to be freed and later accessed\nwhen an HTML error occurs.\n\n\nCVE-2009-1698\n\nWebKit in qt4-x11 does not initialize a pointer during handling of a\nCascading Style Sheets (CSS) attr function call with a large numerical\nargument, which allows remote attackers to execute arbitrary code or\ncause a denial of service (memory corruption and application crash) via\na crafted HTML document.\n\n\nCVE-2009-1699\n\nThe XSL stylesheet implementation in WebKit, as used in qt4-x11 does\nnot properly handle XML external entities, which allows remote attackers to read\narbitrary files via a crafted DTD.\n\n\nCVE-2009-1711\n\nWebKit in qt4-x11 does not properly initialize memory for Attr DOM objects,\nwhich allows remote attackers to execute arbitrary code or cause a denial\nof service (application crash) via a crafted HTML document.\n\n\nCVE-2009-1712\n\nWebKit in qt4-x11 does not prevent remote loading of local Java applets,\nwhich allows remote attackers to execute arbitrary code, gain privileges, or\nobtain sensitive information via an APPLET or OBJECT element.\n\n\nCVE-2009-1713\n\nThe XSLT functionality in WebKit, as used in qt4-x11 does not properly\nimplement the document function, which allows remote attackers to read\narbitrary local files and files from different security zones.\n\n\nCVE-2009-1725\n\nWebKit in qt4-x11 does not properly handle numeric character references,\nwhich allows remote attackers to execute arbitrary code or cause a\ndenial of service (memory corruption and application crash) via a\ncrafted HTML document.\n\n\nCVE-2009-2700\n\nqt4-x11 does not properly handle a &#x27;\\0&#x27; character in a domain name in the\nSubject Alternative Name field of an X.509 certificate, which allows\nman-in-the-middle attackers to spoof arbitrary SSL servers via a crafted\ncertificate issued by a legitimate Certification Authority.\n\n\n\nThe oldstable distribution (etch) is not affected by these problems.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4.4.3-1+lenny1.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 4.5.3-1.\n\n\nWe recommend that you upgrade your qt4-x11 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.4.3.orig.tar.gz\n Size/MD5 checksum: 112939803 376c003317c4417326ba2116370227d0\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.4.3-1+lenny1.diff.gz\n Size/MD5 checksum: 113988 44e1d7b1418a2ea5811b2ba390c6e5e2\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.4.3-1+lenny1.dsc\n Size/MD5 checksum: 2517 a643e142a0548df25f447e5147e36434\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-doc_4.4.3-1+lenny1_all.deb\n Size/MD5 checksum: 52927996 d4f9f1f38e28b02b57f77631c80936c5\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-doc-html_4.4.3-1+lenny1_all.deb\n Size/MD5 checksum: 26654448 7e65171932e77223aa5b1393daec55f5\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 30804 242795a7b4b6b75655d0c2a1900b4f96\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 256632 ea070e02a8243c8b73463820aa18c16c\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 194438 7639b8b9266a76ffa2880e10b265bfd0\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 64780 2e260f7f62771c80884a2a35dcb9b449\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 1642920 05ec919d8ff16f4e5bc9a3e3b0ce6718\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 54143826 a8112a75ecbdf5bf5fba60c5ffcf6639\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 493846 ab8a83e873d4b4df0353b24abdfde772\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 90539672 57d2f91d1b32c724e8ac67fa185f08ce\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 4748512 dc56c050f7fd6162b5ea5b4a862e47ec\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 248966 0d4ee203a4eeead29a21142cf5f5f36a\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 2227462 3298ca0048afc6ba038e2173f76ad99b\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 45958 5c05bee20ac16e347b4df914df0ba573\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 3824480 fb0afb2adf09e056ac1b2a952f923f82\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 14064920 9b168b2fe8e39d65a5de4ec66d98dbb3\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 41942 02c839761d645d29e364fa9d585e0155\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 1510874 55bcc0f38bb98aded16cd3d058948f1a\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 1842134 cc1c00d45977cdafc257a38a19c9f3d6\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 148296 62a149e29e40961eb3ee9fa3f71e46cf\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 4747984 5940af0438fa7982819efc9361d4d218\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 10853838 1b534f13f38e5c4d6d3a6605e27ca5ef\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 986808 4008560ed1b894058f5f7f793224470f\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 194846 393eb42698732905ee322c2e88ea3cbf\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 149118 0d473109c91d1a3deb7af4bd6edd7975\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 74138 a395afc4c7c8ba3dad39322d08c9dfd2\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 30798 05efcfccb419463c2b61fb1f3ca29a95\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 506180 e6d0197c68897fe67a908077b2784533\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 2208902 3898119a8c37a4f40ec3e16269fbf32c\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 50888 fef3650e86c4153c7247d2846d000431\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 428680 f37d8592f6211e98858663bc7da5aa11\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 62188 6c0c7762f36acdb31cd172cb8d16746f\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 41200 39bc11946cc3e99f9f54c2c0381e6dd4\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 144382 c12f803d4285afc61380fcdf04fcd4de\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_alpha.deb\n Size/MD5 checksum: 59926 eaa5395d210bfe708d015c176d207481\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 50214 3cbce693aef71ebfc94652571f581a16\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 61290 76c1ba9c1cc77a714e491ec648ac2d49\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 134690 bf94e92323e68a1b948b7983e8883154\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 458816 2625fac9bd465f2267bb7cf3ca9b12b4\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 1377026 0bc2e8c416723c12a1c2b5325f1d255d\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 87591154 684110dfa018fb12451fade881f2b258\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 70622 c3d8b1eae3557735e3d2cffa1c27a943\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 456012 31697e41896daf771dcdcb4c342b9c06\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 10553896 068c89d9d205cce3c972849793ddc8c6\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 42370 21d5c9fbb91e60d69bd9ce720da2e459\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 58260 0fd799b66c8bdbcaefa98b9924f888ec\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 30802 83b99b7cb51bd621183483db893bbeec\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 1537710 cc75e5bc1a0c87b20ed7100d4a293039\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 2079558 559afbeeec5a3d3bd9df5c2dbc6d0896\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 4274120 97907f0117b368f4b9f23e8599473261\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 30814 7e47a757325b8476e352b03a5c5aec78\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 185344 f9f81022af95cf86541b7a21ca68c220\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 62948 51bc553e17ca6d1f015faf7a70705e45\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 53394502 984acdfd4d9573bedbb1cb9fdea32099\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 3448144 7d523c3c7fcead5b0debdf212ab4b0d7\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 1625680 3bf0cbca2bbd44cb0c84ce0c84ef51cf\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 42656 0ae1f63bf9d2776f6e4048d790ff0fb6\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 237786 b0240806281af4bde43a18ca30beaf9c\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 4306138 060500a3c0fd9443305bbc3833a2b2bc\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 186262 bf6a12b3e66e84a41c27cc64d8b9222b\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 828912 cb315956769fcb6630164a2cc0db2a9f\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 137534 f7afd2dc5df6ba81c2e8aacd05263288\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-ibase_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 72788 a96bc474a1dc453038d3e20b91e7da26\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 46088 4a2e8968fc286fa45456feb782501e49\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 2093718 97bc8a55dba288d7d8238b7c37242acc\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 411410 25d97c749070beb820016b63e3275ef0\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 13411206 ed59b0df741ce51e3fd53a20c0d2460f\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 132960 bfd90128e17d45d3d1a9e275cf9b8484\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_amd64.deb\n Size/MD5 checksum: 240992 baa32b82cf072af916cf54f348ac8b21\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 1490244 b7f5b5521e518f8195a93eaa64a47a6f\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 246778 c578bafdc84117e2e0489f345d63a328\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 4090556 c364c817a98b4b55de7db3124d201a3d\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 13976018 09b344b3f55cf804b29c7b902f358a66\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 30552 3d452b1bbe742911a2c49f0a0533c9f8\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 4302420 bbba102425af53a59e362e8f8ed8a176\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 1559374 b39af442b4a69b9e5ed26f3c949a8c45\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 2051900 8b58466730fdfc163674f8ce67465ac1\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 850514 7da47a92f793e4e87d5cf6ddac563a39\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 42030 ae1f63cdb4c19c090c6efe685bfae0d6\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 72300 1b5f88254367f44211bdfdf921c39305\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 182426 a39e968a814382611f19a5834655cdda\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 57682 874b69bbb0a4e184ccad60b18cf71e80\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 60030 8f8a1faf24aedb8c7db0d349ea894837\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 1291440 cce8b6f8f434f8bc1ccb32779cf74644\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 178792 e7b00a6eed81bd71d2f5277e2595bd4f\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 10208362 5bca5461f7ce8a51e55f130fd4c5d852\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 49814 8038cb08e95871bcdbc6eed747729874\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 30542 145c03d402a1d9cdeb105acc4dfd9add\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 129170 a5cc1ffd87f255b17187b9116a9a902f\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 417314 193284b6d133efd2ce923c4c3498b76e\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 457766 b8337c15ad7022f03a339d76e288e510\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 51245582 f28d2c30200aa4c3dfa1c658aa8194c3\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 42882 2bb5d6c5158c98e0e753118653e100e6\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 405660 1cf50d4eadc18a9ec58a0b64a57e4bb3\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 89502610 17620beaf7eb7648a6e76bd3b6ef5b81\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 2052626 9d52d385b4dfe5b3e84e9f37f6a5262d\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 62778 96b4ad6c7002d4b5d6e0d29b8c3c48c4\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 139982 0e82833ffd6e4370103a67002551850e\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 2935026 7a1986aa9702df21c770f4b66477e0eb\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 45656 b41efd29606c780b4fde733ca7fadd2b\n http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 133334 79223e7f554a07aec91ee2dd23683edf\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_armel.deb\n Size/MD5 checksum: 233960 e4fddb32150f6d343bfcc85e7b58215a\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_hppa.deb\n Size/MD5 checksum: 76570 d8ed6f1595b23cdff3874e2bc9bc16ab\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_hppa.deb\n Size/MD5 checksum: 502954 af0b3cc8554f302f8e0a8837b2793499\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_hppa.deb\n Size/MD5 checksum: 88102392 6910957cabd74c068fb43581a7654495\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_hppa.deb\n Size/MD5 checksum: 1047740 bce5cbb0da6e22a8e3fa9d82faf69a48\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_hppa.deb\n Size/MD5 checksum: 65002 d54455c037071dfa191e7fa774068345\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_hppa.deb\n Size/MD5 checksum: 164024 271f70ccadf4536f0168be44d2edb617\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_hppa.deb\n Size/MD5 checksum: 272194 5ceba67ab66f9c687ccd5aa6dd9a2a42\n http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_hppa.deb\n Size/MD5 checksum: 52802 ee752bab39d48e9ed3aa9ac22b459fdc\n http://secu