CVE-2009-2700

Related Files

Debian Linux Security Advisory 1988-1

Posted Feb 4, 2010

Authored by Debian | Site debian.org

Debian Linux Security Advisory 1988-1 - Several vulnerabilities have been discovered in qt4-x11, a cross-platform C++ application framework.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2009-0945, CVE-2009-1687, CVE-2009-1690, CVE-2009-1698, CVE-2009-1699, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1725, CVE-2009-2700

SHA-256 | daff4db55b92a0c5e04d3a443abe998e05fbfa184d6e3c2ab937902ece2db1a3

Download | Favorite | View

Ubuntu Security Notice 829-1

Posted Sep 11, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-829-1 - It was discovered that Qt did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

tags | advisory

systems | linux, ubuntu

advisories | CVE-2009-2700

SHA-256 | 76761fdd911615a3fddf094eefe7ccb681d7586a72b4cf9f7b14dca74b09ee79

Download | Favorite | View

Mandriva Linux Security Advisory 2009-225

Posted Sep 10, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-225 - src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. This update provides a solution to this vulnerability.

tags | advisory, arbitrary, spoof

systems | linux, mandriva

advisories | CVE-2009-2700

SHA-256 | 74959dbefd86e3c1f5f183b6c5e4097c8722d8241ef7989ecb14b51ab805be1f

Download | Favorite | View