Executive Summary
| Summary | |
|---|---|
| Title | Qt vulnerability |
| Informations | |||
|---|---|---|---|
| Name | USN-829-1 | First vendor Publication | 2009-09-10 |
| Vendor | Ubuntu | Last vendor Modification | 2009-09-10 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4.3 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: Ubuntu 8.10: Ubuntu 9.04: After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: It was discovered that Qt did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2009-2700) |
Original Source
| Url : http://www.ubuntu.com/usn/USN-829-1 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:19394 | |||
| Oval ID: | oval:org.mitre.oval:def:19394 | ||
| Title: | DSA-1988-1 qt4-x11 - several vulnerabilities | ||
| Description: | Several vulnerabilities have been discovered in qt4-x11, a cross-platform C++ application framework. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1988-1 CVE-2009-0945 CVE-2009-1687 CVE-2009-1690 CVE-2009-1698 CVE-2009-1699 CVE-2009-1711 CVE-2009-1712 CVE-2009-1713 CVE-2009-1725 CVE-2009-2700 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | qt4-x11 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6923 | |||
| Oval ID: | oval:org.mitre.oval:def:6923 | ||
| Title: | DSA-1988 qt4-x11 -- several vulnerabilities | ||
| Description: | Several vulnerabilities have been discovered in qt4-x11, a cross-platform C++ application framework. The Common Vulnerabilities and Exposures project identifies the following problems: Array index error in the insertItemBefore method in WebKit, as used in qt4-x11, allows remote attackers to execute arbitrary code. The JavaScript garbage collector in WebKit, as used in qt4-x11 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted HTML document that triggers write access to an "offset of a NULL pointer. Use-after-free vulnerability in WebKit, as used in qt4-x11, allows remote attackers to execute arbitrary code or cause a denial of service by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs. WebKit in qt4-x11 does not initialise a pointer during handling of a Cascading Style Sheets attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted HTML document. The XSL stylesheet implementation in WebKit, as used in qt4-x11 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD. WebKit in qt4-x11 does not properly initialise memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted HTML document. WebKit in qt4-x11 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element. The XSLT functionality in WebKit, as used in qt4-x11 does not properly implement the document function, which allows remote attackers to read arbitrary local files and files from different security zones. WebKit in qt4-x11 does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted HTML document. qt4-x11 does not properly handle a "\0" character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. The oldstable distribution is not affected by these problems. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1988 CVE-2009-0945 CVE-2009-1687 CVE-2009-1690 CVE-2009-1698 CVE-2009-1699 CVE-2009-1711 CVE-2009-1712 CVE-2009-1713 CVE-2009-1725 CVE-2009-2700 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | qt4-x11 |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-05-17 | Name : Fedora Update for qt FEDORA-2010-8379 File : nvt/gb_fedora_2010_8379_qt_fc11.nasl |
| 2009-11-17 | Name : Fedora Core 10 FEDORA-2009-11488 (qt) File : nvt/fcore_2009_11488.nasl |
| 2009-11-17 | Name : Fedora Core 11 FEDORA-2009-11491 (qt) File : nvt/fcore_2009_11491.nasl |
| 2009-11-17 | Name : SLES10: Security update for Qt3 File : nvt/sles10_dbus-1-qt.nasl |
| 2009-11-17 | Name : SLES11: Security update for libqt4 File : nvt/sles11_libqt4.nasl |
| 2009-09-15 | Name : Mandrake Security Advisory MDVSA-2009:225 (qt4) File : nvt/mdksa_2009_225.nasl |
| 2009-09-15 | Name : Ubuntu USN-829-1 (qt4-x11) File : nvt/ubuntu_829_1.nasl |
| 2009-09-09 | Name : Fedora Core 11 FEDORA-2009-9231 (qt) File : nvt/fcore_2009_9231.nasl |
| 2009-09-09 | Name : Fedora Core 10 FEDORA-2009-9232 (qt) File : nvt/fcore_2009_9232.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 57633 | Qt X.509 Certificate Authority (CA) Subject Alternative Name Null Byte Handli... |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_dbus-1-qt-6645.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1988.nasl - Type : ACT_GATHER_INFO |
| 2009-11-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libqt4-091106.nasl - Type : ACT_GATHER_INFO |
| 2009-11-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libqt4-091106.nasl - Type : ACT_GATHER_INFO |
| 2009-11-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libqt4-091106.nasl - Type : ACT_GATHER_INFO |
| 2009-11-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_dbus-1-qt-6644.nasl - Type : ACT_GATHER_INFO |
| 2009-09-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-829-1.nasl - Type : ACT_GATHER_INFO |
| 2009-09-09 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-225.nasl - Type : ACT_GATHER_INFO |
| 2009-09-03 | Name : The remote Fedora host is missing a security update. File : fedora_2009-9231.nasl - Type : ACT_GATHER_INFO |
| 2009-09-03 | Name : The remote Fedora host is missing a security update. File : fedora_2009-9232.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 12:06:14 |
|
| 2013-02-07 21:22:03 |
|
