CVE-2009-2700
Published Sep 2, 2009
Last updated 3 years ago
Overview
- Description
- src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-20
Vendor comments
- Red HatNot vulnerable. This issue did not affect the versions of qt and qt4 as shipped with Red Hat Enterprise Linux 3, 4, or 5. Affected code was introduced upstream in version 4.3.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qt:qt:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C966DAAB-74E1-4594-9CE7-5A1A60F5061E"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D51BFA7D-281E-49ED-9A4B-60AD5143C4EF"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A38B91E-698F-4638-BC3B-BD02F3313B70"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7629BAB0-5077-4B82-9F11-B228E8EAFA17"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76366D45-3604-49D1-BD97-8A9FACEA2171"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEEF60A1-5FF0-465F-A872-62F80899F870"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D5386EE-376B-4773-8687-5314BFF35E41"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4ACE447E-BFBC-4059-9786-F8E5F512AEAA"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3AC6465-B459-410E-A5C5-EBFF5C866009"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF48233D-EFFE-40A1-B50A-F2184D9CF325"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "610017B4-3C0A-4A59-82A1-4E20BCF786E6"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D848BD49-3C88-4458-B8AB-AAD8DEB790BD"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A12D978-B6FF-4C67-97D4-91A285C47813"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DBD073E-F3E0-4273-81E9-AF010B711F08"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D58ACBA-7DF3-403A-AC0E-94749383C750"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59D6E752-3B2E-4A95-A76A-3326CD490EDD"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A27E4EC-9573-4C82-9B78-244DB0B06FA4"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "678A25E8-57E3-4E0C-9B24-C68F11F108BA"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D16BB8CE-3871-4DFA-84BB-C089894437D2"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "965B37FD-E22F-4AA7-BDC2-147A9962CFD5"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEE12FD7-2FB2-444A-A660-86294646F8A1"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA4B9F55-4BFF-4FD3-A8BC-842B0467DCD5"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DA805A7-7C62-49FD-B9A2-F81C981691C3"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5596442-5608-439B-8BE6-53A70F20C079"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29FD745E-4B61-417F-BC66-386877E75351"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B74E5F5-CEE1-47B1-BE84-7F1C45D4FDD8"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.6.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82A767D8-6194-4ED5-B9BE-2A14541C141F"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "874E217C-98AC-4F0B-B120-D721164912CD"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3051F46B-E301-4DF7-A89B-4E8495617888"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C8BED3D-E6E9-4A7F-A186-DD7DC20706D1"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C5CFCD4-6CB1-489D-9619-B0169EA1719C"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C2D2DA2-4D77-4396-97A7-D4ED0F633E19"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1BC1BC2C-6D99-463F-9326-AF9B468E03F2"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "342A67CF-B332-46D1-A3FF-604552953C66"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.7.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9239A893-506A-4853-8B00-FCDE5EC3E5DB"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A6196C5-BB95-447A-B610-4765AB702F96"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E398049-C78A-452C-9FBF-E32DC86BDBD0"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B307395A-36B6-4F54-92C9-D732580F3EBE"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9D0CB6E-5275-4D51-81F1-84D456F936B9"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "214A1125-FBE9-433D-8B05-10595CD59F24"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.8.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB7CC6B1-7E40-4D6A-94CF-7412EA3F8534"
},
{
"criteria": "cpe:2.3:a:qt:qt:4.8.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "062A62AA-EC5B-4D8E-9337-D25DF4FE56FA"
}
],
"operator": "OR"
}
]
}
]