Описание
Множественные уязвимости пакета libqt4-webkit операционной системы Debian GNU/Linux, эксплуатация которых может привести к нарушению конфиденциальности, целостности и доступности защищаемой информации. Эксплуатация уязвимостей может быть осуществлена удаленно
Вендор
Сообщество свободного программного обеспечения
Наименование ПО
Debian GNU/Linux
Версия ПО
до 5 (Debian GNU/Linux)
Тип ПО
Операционная система
Операционные системы и аппаратные платформы
-
Уровень опасности уязвимости
Высокий уровень опасности (базовая оценка CVSS 2.0 составляет 9,3)
Возможные меры по устранению уязвимости
Проблема может быть решена обновлением операционной системы до следующих версий пакетов в зависимости от архитектуры:
Debian GNU/Linux 5:
ppc:
libqt4-xmlpatterns-dbg - 4.4.3-1+lenny1
qt4-qtconfig - 4.4.3-1+lenny1
libqt4-opengl-dev - 4.4.3-1+lenny1
libqt4-dev - 4.4.3-1+lenny1
libqt4-opengl - 4.4.3-1+lenny1
libqt4-sql-mysql - 4.4.3-1+lenny1
libqt4-core - 4.4.3-1+lenny1
libqtcore4 - 4.4.3-1+lenny1
libqt4-assistant - 4.4.3-1+lenny1
libqt4-dbg - 4.4.3-1+lenny1
libqt4-designer - 4.4.3-1+lenny1
libqt4-sql-ibase - 4.4.3-1+lenny1
libqt4-test - 4.4.3-1+lenny1
libqt4-dbus - 4.4.3-1+lenny1
libqtgui4 - 4.4.3-1+lenny1
libqt4-sql - 4.4.3-1+lenny1
libqt4-webkit - 4.4.3-1+lenny1
libqt4-script - 4.4.3-1+lenny1
libqt4-xml - 4.4.3-1+lenny1
libqt4-sql-odbc - 4.4.3-1+lenny1
libqt4-network - 4.4.3-1+lenny1
qt4-dev-tools - 4.4.3-1+lenny1
libqt4-sql-sqlite2 - 4.4.3-1+lenny1
libqt4-svg - 4.4.3-1+lenny1
libqt4-webkit-dbg - 4.4.3-1+lenny1
libqt4-help - 4.4.3-1+lenny1
libqt4-gui - 4.4.3-1+lenny1
libqt4-sql-sqlite - 4.4.3-1+lenny1
libqt4-xmlpatterns - 4.4.3-1+lenny1
qt4-designer - 4.4.3-1+lenny1
qt4-demos - 4.4.3-1+lenny1
qt4-qmake - 4.4.3-1+lenny1
libqt4-qt3support - 4.4.3-1+lenny1
libqt4-sql-psql - 4.4.3-1+lenny1
s390x:
libqt4-xmlpatterns - 4.4.3-1+lenny1
libqt4-assistant - 4.4.3-1+lenny1
libqtgui4 - 4.4.3-1+lenny1
libqt4-svg - 4.4.3-1+lenny1
libqt4-dbus - 4.4.3-1+lenny1
libqt4-dev - 4.4.3-1+lenny1
libqt4-webkit-dbg - 4.4.3-1+lenny1
libqt4-sql-psql - 4.4.3-1+lenny1
qt4-dev-tools - 4.4.3-1+lenny1
qt4-demos - 4.4.3-1+lenny1
libqt4-opengl - 4.4.3-1+lenny1
libqt4-sql-sqlite2 - 4.4.3-1+lenny1
libqt4-sql-odbc - 4.4.3-1+lenny1
libqt4-script - 4.4.3-1+lenny1
libqt4-qt3support - 4.4.3-1+lenny1
qt4-qmake - 4.4.3-1+lenny1
libqt4-xmlpatterns-dbg - 4.4.3-1+lenny1
libqt4-xml - 4.4.3-1+lenny1
libqt4-core - 4.4.3-1+lenny1
qt4-designer - 4.4.3-1+lenny1
libqt4-gui - 4.4.3-1+lenny1
libqtcore4 - 4.4.3-1+lenny1
libqt4-dbg - 4.4.3-1+lenny1
libqt4-test - 4.4.3-1+lenny1
libqt4-designer - 4.4.3-1+lenny1
libqt4-sql - 4.4.3-1+lenny1
libqt4-opengl-dev - 4.4.3-1+lenny1
libqt4-sql-mysql - 4.4.3-1+lenny1
qt4-qtconfig - 4.4.3-1+lenny1
libqt4-help - 4.4.3-1+lenny1
libqt4-sql-sqlite - 4.4.3-1+lenny1
libqt4-webkit - 4.4.3-1+lenny1
libqt4-network - 4.4.3-1+lenny1
i686:
libqt4-test - 4.4.3-1+lenny1
libqtgui4 - 4.4.3-1+lenny1
libqt4-dbg - 4.4.3-1+lenny1
libqt4-sql-sqlite - 4.4.3-1+lenny1
qt4-dev-tools - 4.4.3-1+lenny1
libqt4-opengl-dev - 4.4.3-1+lenny1
libqt4-gui - 4.4.3-1+lenny1
qt4-qtconfig - 4.4.3-1+lenny1
qt4-qmake - 4.4.3-1+lenny1
libqt4-sql - 4.4.3-1+lenny1
libqt4-assistant - 4.4.3-1+lenny1
libqt4-script - 4.4.3-1+lenny1
libqt4-xmlpatterns - 4.4.3-1+lenny1
libqt4-network - 4.4.3-1+lenny1
qt4-demos - 4.4.3-1+lenny1
libqt4-webkit - 4.4.3-1+lenny1
libqt4-sql-psql - 4.4.3-1+lenny1
libqt4-svg - 4.4.3-1+lenny1
libqtcore4 - 4.4.3-1+lenny1
libqt4-qt3support - 4.4.3-1+lenny1
libqt4-webkit-dbg - 4.4.3-1+lenny1
libqt4-core - 4.4.3-1+lenny1
libqt4-opengl - 4.4.3-1+lenny1
libqt4-sql-ibase - 4.4.3-1+lenny1
libqt4-help - 4.4.3-1+lenny1
libqt4-dev - 4.4.3-1+lenny1
libqt4-sql-mysql - 4.4.3-1+lenny1
libqt4-xml - 4.4.3-1+lenny1
libqt4-sql-sqlite2 - 4.4.3-1+lenny1
libqt4-xmlpatterns-dbg - 4.4.3-1+lenny1
qt4-designer - 4.4.3-1+lenny1
libqt4-designer - 4.4.3-1+lenny1
libqt4-sql-odbc - 4.4.3-1+lenny1
libqt4-dbus - 4.4.3-1+lenny1
sparc:
qt4-qmake - 4.4.3-1+lenny1
libqt4-xmlpatterns-dbg - 4.4.3-1+lenny1
libqt4-sql - 4.4.3-1+lenny1
libqt4-xml - 4.4.3-1+lenny1
libqt4-sql-psql - 4.4.3-1+lenny1
libqt4-dbg - 4.4.3-1+lenny1
libqt4-dbus - 4.4.3-1+lenny1
libqt4-help - 4.4.3-1+lenny1
libqt4-sql-ibase - 4.4.3-1+lenny1
qt4-designer - 4.4.3-1+lenny1
libqtcore4 - 4.4.3-1+lenny1
libqt4-svg - 4.4.3-1+lenny1
libqt4-webkit-dbg - 4.4.3-1+lenny1
libqt4-sql-sqlite - 4.4.3-1+lenny1
libqt4-sql-sqlite2 - 4.4.3-1+lenny1
libqt4-test - 4.4.3-1+lenny1
libqt4-core - 4.4.3-1+lenny1
qt4-dev-tools - 4.4.3-1+lenny1
qt4-demos - 4.4.3-1+lenny1
libqt4-qt3support - 4.4.3-1+lenny1
libqt4-webkit - 4.4.3-1+lenny1
libqt4-opengl - 4.4.3-1+lenny1
libqt4-sql-odbc - 4.4.3-1+lenny1
libqt4-script - 4.4.3-1+lenny1
libqtgui4 - 4.4.3-1+lenny1
libqt4-dev - 4.4.3-1+lenny1
libqt4-gui - 4.4.3-1+lenny1
libqt4-network - 4.4.3-1+lenny1
libqt4-designer - 4.4.3-1+lenny1
libqt4-assistant - 4.4.3-1+lenny1
qt4-qtconfig - 4.4.3-1+lenny1
libqt4-opengl-dev - 4.4.3-1+lenny1
libqt4-sql-mysql - 4.4.3-1+lenny1
libqt4-xmlpatterns - 4.4.3-1+lenny1
x86-64:
libqt4-sql-sqlite - 4.4.3-1+lenny1
libqt4-test - 4.4.3-1+lenny1
qt4-qtconfig - 4.4.3-1+lenny1
libqt4-script - 4.4.3-1+lenny1
libqt4-qt3support - 4.4.3-1+lenny1
libqt4-dbg - 4.4.3-1+lenny1
libqt4-sql-odbc - 4.4.3-1+lenny1
libqt4-network - 4.4.3-1+lenny1
qt4-demos - 4.4.3-1+lenny1
libqt4-opengl-dev - 4.4.3-1+lenny1
libqt4-sql-mysql - 4.4.3-1+lenny1
libqt4-gui - 4.4.3-1+lenny1
qt4-dev-tools - 4.4.3-1+lenny1
libqt4-designer - 4.4.3-1+lenny1
libqtgui4 - 4.4.3-1+lenny1
libqt4-core - 4.4.3-1+lenny1
libqt4-svg - 4.4.3-1+lenny1
libqt4-sql-psql - 4.4.3-1+lenny1
libqt4-webkit-dbg - 4.4.3-1+lenny1
libqt4-webkit - 4.4.3-1+lenny1
qt4-qmake - 4.4.3-1+lenny1
libqt4-assistant - 4.4.3-1+lenny1
libqt4-help - 4.4.3-1+lenny1
libqt4-dev - 4.4.3-1+lenny1
libqt4-opengl - 4.4.3-1+lenny1
libqt4-xmlpatterns - 4.4.3-1+lenny1
libqt4-xml - 4.4.3-1+lenny1
libqt4-sql-ibase - 4.4.3-1+lenny1
libqt4-sql-sqlite2 - 4.4.3-1+lenny1
libqtcore4 - 4.4.3-1+lenny1
qt4-designer - 4.4.3-1+lenny1
libqt4-xmlpatterns-dbg - 4.4.3-1+lenny1
libqt4-sql - 4.4.3-1+lenny1
libqt4-dbus - 4.4.3-1+lenny1
armel:
qt4-qmake - 4.4.3-1+lenny1
libqt4-help - 4.4.3-1+lenny1
libqtgui4 - 4.4.3-1+lenny1
libqt4-xmlpatterns-dbg - 4.4.3-1+lenny1
libqt4-core - 4.4.3-1+lenny1
libqt4-dev - 4.4.3-1+lenny1
qt4-dev-tools - 4.4.3-1+lenny1
libqtcore4 - 4.4.3-1+lenny1
libqt4-xmlpatterns - 4.4.3-1+lenny1
libqt4-opengl-dev - 4.4.3-1+lenny1
libqt4-sql-odbc - 4.4.3-1+lenny1
libqt4-svg - 4.4.3-1+lenny1
libqt4-sql-mysql - 4.4.3-1+lenny1
libqt4-test - 4.4.3-1+lenny1
libqt4-qt3support - 4.4.3-1+lenny1
libqt4-opengl - 4.4.3-1+lenny1
qt4-demos - 4.4.3-1+lenny1
libqt4-sql-sqlite - 4.4.3-1+lenny1
libqt4-gui - 4.4.3-1+lenny1
libqt4-sql - 4.4.3-1+lenny1
libqt4-script - 4.4.3-1+lenny1
libqt4-network - 4.4.3-1+lenny1
libqt4-webkit-dbg - 4.4.3-1+lenny1
libqt4-assistant - 4.4.3-1+lenny1
qt4-designer - 4.4.3-1+lenny1
libqt4-dbg - 4.4.3-1+lenny1
libqt4-designer - 4.4.3-1+lenny1
libqt4-sql-psql - 4.4.3-1+lenny1
libqt4-xml - 4.4.3-1+lenny1
libqt4-webkit - 4.4.3-1+lenny1
libqt4-sql-sqlite2 - 4.4.3-1+lenny1
qt4-qtconfig - 4.4.3-1+lenny1
libqt4-dbus - 4.4.3-1+lenny1
alpha:
libqt4-core - 4.4.3-1+lenny1
libqt4-dbus - 4.4.3-1+lenny1
libqt4-svg - 4.4.3-1+lenny1
libqt4-sql-psql - 4.4.3-1+lenny1
qt4-dev-tools - 4.4.3-1+lenny1
libqt4-webkit-dbg - 4.4.3-1+lenny1
libqt4-network - 4.4.3-1+lenny1
libqt4-dbg - 4.4.3-1+lenny1
libqtgui4 - 4.4.3-1+lenny1
libqt4-help - 4.4.3-1+lenny1
libqtcore4 - 4.4.3-1+lenny1
libqt4-sql-sqlite2 - 4.4.3-1+lenny1
libqt4-webkit - 4.4.3-1+lenny1
libqt4-xmlpatterns-dbg - 4.4.3-1+lenny1
libqt4-assistant - 4.4.3-1+lenny1
libqt4-qt3support - 4.4.3-1+lenny1
qt4-qmake - 4.4.3-1+lenny1
qt4-qtconfig - 4.4.3-1+lenny1
libqt4-dev - 4.4.3-1+lenny1
qt4-demos - 4.4.3-1+lenny1
libqt4-xmlpatterns - 4.4.3-1+lenny1
libqt4-opengl - 4.4.3-1+lenny1
libqt4-xml - 4.4.3-1+lenny1
libqt4-sql-odbc - 4.4.3-1+lenny1
libqt4-gui - 4.4.3-1+lenny1
libqt4-script - 4.4.3-1+lenny1
libqt4-designer - 4.4.3-1+lenny1
libqt4-sql-sqlite - 4.4.3-1+lenny1
qt4-designer - 4.4.3-1+lenny1
libqt4-test - 4.4.3-1+lenny1
libqt4-opengl-dev - 4.4.3-1+lenny1
libqt4-sql - 4.4.3-1+lenny1
libqt4-sql-mysql - 4.4.3-1+lenny1
ia64:
libqt4-xmlpatterns - 4.4.3-1+lenny1
libqt4-assistant - 4.4.3-1+lenny1
libqtgui4 - 4.4.3-1+lenny1
libqt4-gui - 4.4.3-1+lenny1
libqt4-test - 4.4.3-1+lenny1
libqt4-webkit-dbg - 4.4.3-1+lenny1
libqtcore4 - 4.4.3-1+lenny1
qt4-designer - 4.4.3-1+lenn
Статус уязвимости
Подтверждена производителем
Наличие эксплойта
Данные уточняются
Информация об устранении
Уязвимость устранена
Ссылки на источники
Идентификаторы других систем описаний уязвимостей
- CVE
- CVE
- CVE
- CVE
- CVE
- CVE
- CVE
- CVE
- CVE
- CVE
- DSA
EPSS
Процентиль: 48%
0.0025
Низкий
9.3 Critical
CVSS2
Связанные уязвимости
ubuntu
почти 16 лет назад
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
redhat
почти 16 лет назад
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
nvd
почти 16 лет назад
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
debian
почти 16 лет назад
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not ...
github
около 3 лет назад
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
EPSS
Процентиль: 48%
0.0025
Низкий
9.3 Critical
CVSS2