It was discovered that Qt did not properly handle wildcard domain names or
IP addresses in the Common Name field of X.509 certificates. An attacker
could exploit this to perform a machine-in-the-middle attack to view sensitive
information or alter encrypted communications. This issue only affected
Ubuntu 10.04 LTS. (CVE-2010-5076)
A heap-based buffer overflow was discovered in the HarfBuzz module. If a
user were tricked into opening a crafted font file in a Qt application,
an attacker could cause a denial of service or possibly execute arbitrary
code with the privileges of the user invoking the program. (CVE-2011-3193)
It was discovered that Qt did not properly handle greyscale TIFF images.
If a Qt application could be made to process a crafted TIFF file, an
attacker could cause a denial of service. (CVE-2011-3194)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 11.04 | noarch | libqt4-network | < 4:4.7.2-0ubuntu6.4 | UNKNOWN |
Ubuntu | 11.04 | noarch | libqt4-assistant | < 4:4.7.2-0ubuntu6.4 | UNKNOWN |
Ubuntu | 11.04 | noarch | libqt4-core | < 4:4.7.2-0ubuntu6.4 | UNKNOWN |
Ubuntu | 11.04 | noarch | libqt4-dbg | < 4:4.7.2-0ubuntu6.4 | UNKNOWN |
Ubuntu | 11.04 | noarch | libqt4-dbus | < 4:4.7.2-0ubuntu6.4 | UNKNOWN |
Ubuntu | 11.04 | noarch | libqt4-declarative | < 4:4.7.2-0ubuntu6.4 | UNKNOWN |
Ubuntu | 11.04 | noarch | libqt4-declarative-folderlistmodel | < 4:4.7.2-0ubuntu6.4 | UNKNOWN |
Ubuntu | 11.04 | noarch | libqt4-declarative-gestures | < 4:4.7.2-0ubuntu6.4 | UNKNOWN |
Ubuntu | 11.04 | noarch | libqt4-declarative-particles | < 4:4.7.2-0ubuntu6.4 | UNKNOWN |
Ubuntu | 11.04 | noarch | libqt4-designer | < 4:4.7.2-0ubuntu6.4 | UNKNOWN |