MidnightBSD

Advisories for digia

CVE-2010-1766 HIGH

Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an upgrade header that is long and invalid.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
webkit webkit *
digia qt *
CVE-2010-2621 MEDIUM

The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
qt qt 4.4.0
qt qt 4.5.0
qt qt 4.0.1
qt qt 4.1.0
qt qt 4.3.0
qt qt 4.3.4
qt qt 4.1.5
qt qt 4.4.1
qt qt 4.1.4
qt qt 4.2.0
qt qt 4.3.2
digia qt *
qt qt 4.3.3
qt qt 4.0.0
qt qt 4.3.5
qt qt 4.2.3
qt qt 4.1.3
qt qt 4.4.3
qt qt 4.5.2
qt qt 4.5.3
qt qt 4.5.1
qt qt 4.1.1
qt qt 4.6.2
qt qt 4.6.0
qt qt 4.6.1
qt qt 4.2.1
qt qt 4.3.1
qt qt 4.4.2
qt qt 4.1.2
CVE-2010-5076 MEDIUM

QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
qt qt 4.4.0
qt qt 4.5.0
qt qt 4.0.1
qt qt 4.1.0
qt qt 4.3.0
qt qt 4.3.4
qt qt 4.1.5
qt qt 4.4.1
qt qt 4.1.4
qt qt 4.2.0
qt qt 4.3.2
digia qt *
qt qt 4.3.3
qt qt 4.0.0
qt qt 4.3.5
qt qt 4.2.3
qt qt 4.1.3
qt qt 4.4.3
qt qt 4.5.2
qt qt 4.5.3
qt qt 4.5.1
qt qt 4.1.1
qt qt 4.6.2
qt qt 4.6.3
qt qt 4.6.0
qt qt 4.6.1
qt qt 4.2.1
qt qt 4.3.1
qt qt 4.4.2
qt qt 4.1.2
CVE-2012-5624 MEDIUM

The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
qt qt 4.4.0
qt qt 3.3.2
qt qt 4.5.0
qt qt 1.43
qt qt 4.8.2
qt qt 3.3.0
qt qt 3.3.5
qt qt 4.7.5
qt qt 4.3.0
qt qt 4.3.4
qt qt 4.8.1
qt qt 4.7.0
qt qt 4.7.2
qt qt 3.3.4
qt qt 4.1.4
qt qt 4.2.0
canonical ubuntu_linux 11.10
qt qt 1.44
qt qt 4.4.3
qt qt 4.6.4
qt qt 1.41
qt qt 4.5.3
qt qt 4.5.1
qt qt 2.0.1
qt qt 4.6.2
qt qt 4.6.0
qt qt 4.6.1
qt qt 4.7.1
qt qt 2.0.2
qt qt 1.42
qt qt 3.3.1
qt qt 4.3.1
qt qt 4.7.6
canonical ubuntu_linux 12.10
qt qt 3.3.3
qt qt 4.1.2
qt qt 4.0.1
canonical ubuntu_linux 12.04
qt qt 4.1.0
qt qt 4.6.5
qt qt 4.1.5
qt qt 4.4.1
qt qt 4.3.2
digia qt *
qt qt 4.3.3
qt qt 4.8.0
qt qt 4.7.4
qt qt 4.0.0
qt qt 4.3.5
canonical ubuntu_linux 10.04
qt qt 4.2.3
qt qt 4.1.3
qt qt 4.5.2
qt qt 3.3.6
qt qt 4.1.1
qt qt 4.6.3
qt qt 4.7.3
qt qt 2.0.0
qt qt 4.2.1
qt qt 4.4.2
qt qt 1.45
CVE-2013-4549 MEDIUM

QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
digia qt *
qt qt 5.0.2
CVE-2015-0295 MEDIUM

The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
digia qt *
fedoraproject fedora 20
fedoraproject fedora 22
opensuse opensuse 13.1
fedoraproject fedora 21
CVE-2015-1858 MEDIUM

Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
qt qt 5.2.0
qt qt 5.4.1
qt qt 5.1.0
fedoraproject fedora 20
qt qt 5.2.1
fedoraproject fedora 22
qt qt 5.0.2
qt qt 5.3.0
digia qt *
qt qt 5.0.0
qt qt 5.0.1
fedoraproject fedora 21
CVE-2015-1859 MEDIUM

Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
qt qt 5.2.0
qt qt 5.4.1
qt qt 5.1.0
fedoraproject fedora 20
qt qt 5.2.1
fedoraproject fedora 22
qt qt 5.0.2
qt qt 5.3.0
digia qt *
qt qt 5.0.0
qt qt 5.0.1
fedoraproject fedora 21
CVE-2015-1860 MEDIUM

Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
qt qt 5.2.0
qt qt 5.4.1
qt qt 5.1.0
fedoraproject fedora 20
qt qt 5.2.1
fedoraproject fedora 22
qt qt 5.0.2
qt qt 5.3.0
digia qt *
qt qt 5.0.0
qt qt 5.0.1
fedoraproject fedora 21