CVE-2010-5076

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-5076
QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://qt.gitorious.org/qt/qt/commit/5f6018564668d368f75e431c4cdac88d7421cff0 Exploit Patch
http://qt.gitorious.org/qt/qt/commit/846f1b44eea4bb34d080d055badb40a4a13d369e Patch
http://rhn.redhat.com/errata/RHSA-2012-0880.html
http://secunia.com/advisories/41236 Vendor Advisory
http://secunia.com/advisories/49604 Vendor Advisory
http://secunia.com/advisories/49895 Vendor Advisory
http://www.ubuntu.com/usn/USN-1504-1
http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt
https://bugreports.qt-project.org/browse/QTBUG-4455
http://qt.gitorious.org/qt/qt/commit/5f6018564668d368f75e431c4cdac88d7421cff0 Exploit Patch
http://qt.gitorious.org/qt/qt/commit/846f1b44eea4bb34d080d055badb40a4a13d369e Patch
http://rhn.redhat.com/errata/RHSA-2012-0880.html
http://secunia.com/advisories/41236 Vendor Advisory
http://secunia.com/advisories/49604 Vendor Advisory
http://secunia.com/advisories/49895 Vendor Advisory
http://www.ubuntu.com/usn/USN-1504-1
http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt
https://bugreports.qt-project.org/browse/QTBUG-4455
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:digia:qt:*:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.4.2:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.4.3:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.5.2:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:4.6.3:*:*:*:*:*:*:*
History

21 Nov 2024, 01:22

Type Values Removed Values Added
References () http://qt.gitorious.org/qt/qt/commit/5f6018564668d368f75e431c4cdac88d7421cff0 - Exploit, Patch () http://qt.gitorious.org/qt/qt/commit/5f6018564668d368f75e431c4cdac88d7421cff0 - Exploit, Patch
References () http://qt.gitorious.org/qt/qt/commit/846f1b44eea4bb34d080d055badb40a4a13d369e - Patch () http://qt.gitorious.org/qt/qt/commit/846f1b44eea4bb34d080d055badb40a4a13d369e - Patch
References () http://rhn.redhat.com/errata/RHSA-2012-0880.html - () http://rhn.redhat.com/errata/RHSA-2012-0880.html -
References () http://secunia.com/advisories/41236 - Vendor Advisory () http://secunia.com/advisories/41236 - Vendor Advisory
References () http://secunia.com/advisories/49604 - Vendor Advisory () http://secunia.com/advisories/49604 - Vendor Advisory
References () http://secunia.com/advisories/49895 - Vendor Advisory () http://secunia.com/advisories/49895 - Vendor Advisory
References () http://www.ubuntu.com/usn/USN-1504-1 - () http://www.ubuntu.com/usn/USN-1504-1 -
References () http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt - () http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt -
References () https://bugreports.qt-project.org/browse/QTBUG-4455 - () https://bugreports.qt-project.org/browse/QTBUG-4455 -
Information

Published : 2012-06-29 19:55

Updated : 2024-11-21 01:22

NVD link : CVE-2010-5076

Mitre link : CVE-2010-5076

CVE.ORG link : CVE-2010-5076

JSON object : View

Products Affected

digia

  • qt

qt

  • qt
CWE
CWE-20

Improper Input Validation


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024