Lucene search
UbuntuUSN-2057-1HistoryDec 17, 2013 - 12:00 a.m.
Qt vulnerability
2013-12-1700:00:00
ubuntu.com
26
6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.013 Low
EPSS
Percentile
85.7%
Releases
- Ubuntu 13.10
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04
Packages
- qt4-x11 - Qt 4 libraries
- qtbase-opensource-src - Qt 5 libraries
Details
It was discovered that QXmlSimpleReader in Qt incorrectly handled XML
entity expansion. An attacker could use this flaw to cause Qt applications
to consume large amounts of resources, resulting in a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 13.10 | noarch | libqt4-xml | < 4:4.8.4+dfsg-0ubuntu18.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libqt4-assistant | < 4:4.8.4+dfsg-0ubuntu18.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libqt4-core | < 4:4.8.4+dfsg-0ubuntu18.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libqt4-dbg | < 4:4.8.4+dfsg-0ubuntu18.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libqt4-dbus | < 4:4.8.4+dfsg-0ubuntu18.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libqt4-declarative | < 4:4.8.4+dfsg-0ubuntu18.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libqt4-declarative-folderlistmodel | < 4:4.8.4+dfsg-0ubuntu18.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libqt4-declarative-gestures | < 4:4.8.4+dfsg-0ubuntu18.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libqt4-declarative-particles | < 4:4.8.4+dfsg-0ubuntu18.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libqt4-declarative-shaders | < 4:4.8.4+dfsg-0ubuntu18.1 | UNKNOWN |
References
Related
openvas
openvas
Fedora Update for qt5-qtbase FEDORA-2014-5680
2014-05-12 00:00:00
Fedora Update for qt3 FEDORA-2013-22847
2014-02-03 00:00:00
Fedora Update for qt5-qtbase FEDORA-2014-5710
2014-05-12 00:00:00
nessus
nessus
fedora
fedora
[SECURITY] Fedora 19 Update: qt5-qtbase-5.2.1-8.fc19
2014-05-06 03:32:31
[SECURITY] Fedora 19 Update: qt3-3.3.8b-56.fc19
2014-01-23 11:11:04
[SECURITY] Fedora 20 Update: qt3-3.3.8b-56.fc20
2014-01-23 11:18:08
mageia
mageia
Updated qt5 packages fix security vulnerability.
2014-03-03 23:58:12
Updated qt4 package fixes security vulnerability
2014-01-17 04:20:35
Updated qt3 packages fix security vulnerabilities
2014-06-18 22:02:44
securityvulns
securityvulns
QT resources exhaustion
2013-12-24 00:00:00
[USN-2057-1] Qt vulnerability
2013-12-24 00:00:00
gentoo
gentoo
QtCore: Denial of service
2014-03-13 00:00:00
prion
prion
Code injection
2013-12-23 22:55:00
debiancve
debiancve
CVE-2013-4549
2013-12-23 22:55:00
cve
cve
CVE-2013-4549
2013-12-23 22:55:00
freebsd
freebsd
qt4-xml -- XML Entity Expansion Denial of Service
2013-12-05 00:00:00
ubuntucve
ubuntucve
CVE-2013-4549
2013-12-05 00:00:00
6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.013 Low
EPSS
Percentile
85.7%
Related for USN-2057-1