Lucene search
K

32 matches found

Tenable Nessus
Tenable Nessus
added 2013/01/25 12:0 a.m.34 views

Fedora 16 : qt-4.8.4-6.fc16 (2013-0270)

This build fixes a security issues : - QSslSocket may report incorrect errors when certificate verification fails. For more information: http://lists.qt-project.org/pipermail/announce/2013-Janu ary/000020.html - blacklists unauthorized SSL certificates by Turktrust. For more information:...

4.3CVSS5.3AI score0.01778EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2013/01/23 12:0 a.m.34 views

Fedora 18 : qt-4.8.4-6.fc18 (2013-0199)

This build fixes a security issues : - QSslSocket may report incorrect errors when certificate verification fails. For more information: http://lists.qt-project.org/pipermail/announce/2013-Janu ary/000020.html - blacklists unauthorized SSL certificates by Turktrust. For more information:...

4.3CVSS5.3AI score0.01778EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2013/01/14 12:0 a.m.37 views

Fedora 17 : qt-4.8.4-6.fc17 (2013-0277)

This build fixes a security issues : - QSslSocket may report incorrect errors when certificate verification fails. For more information: http://lists.qt-project.org/pipermail/announce/2013-Janu ary/000020.html - blacklists unauthorized SSL certificates by Turktrust. For more information:...

4.3CVSS5.3AI score0.01778EPSS
Exploits0References5
Prion
Prion
added 2012/06/29 7:55 p.m.23 views

Code injection

QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority...

4.3CVSS6.7AI score0.01402EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2012/06/29 7:0 p.m.30 views

CVE-2010-5076

QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority...

6AI score0.01402EPSS
Exploits1References9
Debian CVE
Debian CVE
added 2012/06/29 7:0 p.m.32 views

CVE-2010-5076

Removed by vendor...

4.3CVSS6.7AI score0.01402EPSS
Exploits1
CVE
CVE
added 2012/06/29 7:0 p.m.75 views

CVE-2010-5076

Qt’s QSslSocket before 4.7.0-rc1 accepts wildcard IPs in the X.509 certificate subject CN, enabling potential MITM spoofing of SSL servers via certificates from trusted CAs. Affected: Qt Qt-based SSL/TLS implementations prior to 4.7.0-rc1. Root cause: improper hostname verification for wildcard I...

4.3CVSS6.1AI score0.01402EPSS
Exploits1References9Affected Software2
UbuntuCve
UbuntuCve
added 2012/06/29 12:0 a.m.39 views

CVE-2010-5076

QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority...

4.3CVSS6AI score0.01402EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2010/07/26 12:0 a.m.17 views

Qt 'QSslSocketBackendPrivate::transmit()' Denial of Service Vulnerability

This host is installed with Qt and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbqtdosvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ Qt 'QSslSocketBackendPrivate::transmit' Denial of Service Vulnerability Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone...

5CVSS8.5AI score0.1054EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2008/02/20 5:36 p.m.34 views

USN-579-1: Qt vulnerability

It was discovered that QSslSocket did not properly verify SSL certificates. A remote attacker may be able to trick applications using QSslSocket into accepting invalid SSL certificates...

4.3CVSS5.3AI score0.0128EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2008/01/08 1:46 a.m.17 views

CVE-2007-5965

QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verify SSL certificates, which might make it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service, or trick a service into accepting an invalid client certificate for a user...

4.3CVSS5.9AI score0.0128EPSS
Exploits1References2
seebug.org
seebug.org
added 2008/01/06 12:0 a.m.29 views

Trolltech Qt QSslSocket类证书验证绕过安全限制漏洞

BUGTRAQ ID: 27112 CVECAN ID: CVE-2007-5965 Qt是一款C++应用开发工具,包括类库和跨平台开发工具。 Qt可能没有对SSL连接中的QSslSocket类证书执行验证,使用QSslSocket的应用可能受骗接受伪造的证书,这有助于攻击者执行网络钓鱼类的攻击。 Trolltech Qt 4.3.2 Trolltech Qt 4.3.1 Trolltech Qt 4.3.0 Trolltech --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

4.3CVSS6.4AI score0.0128EPSS
Exploits1
Rows per page
Query Builder