[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247974

 
 

909

 
 

194654

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-2621Date: (C)2010-07-02   (M)2023-12-22


The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECUNIA-40389
BID-41250
SECUNIA-46410
OSVDB-65860
ADV-2010-1657
SUSE-SU-2011:1113
http://aluigi.org/adv/qtsslame-adv.txt
http://aluigi.org/poc/qtsslame.zip
http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597

CPE    1
cpe:/a:digia:qt
CWE    1
CWE-20
OVAL    1
oval:org.secpod.oval:def:20973

© SecPod Technologies