Pardus: 2010-106: Qt: Multiple Vulnerabilities
Posted by Benjamin D. Thomas
Multiple vulnerabilities have been fixed in Qt.
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-106           security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-08-11
  Severity: 4
      Type: Local
------------------------------------------------------------------------

Summary
======
Multiple vulnerabilities have been fixed in Qt.


Description
==========
CVE-2009-2841:

The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp
in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4
on Mac OS X, does not perform the expected callbacks for HTML 5 media
elements that have external URLs for media resources, which allows
remote attackers to trigger sub-resource requests to arbitrary web sites
via a crafted HTML document, as demonstrated by an HTML e-mail message
that uses a media element for X-Confirm-Reading-To functionality, aka
rdar problem 7271202.

CVE-2010-1766:

Off-by-one error in the WebSocketHandshake::readServerHandshake function
in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380,
as used in Qt and other products, allows remote websockets servers to
cause a denial of service (memory corruption) or possibly have
unspecified other impact via an upgrade header that is long and invalid.

CVE-2010-1392:

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac
OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4,
allows remote attackers to execute arbitrary code or cause a denial of
service (application crash) via vectors related to HTML buttons.

CVE-2010-1396:

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac
OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4,
allows remote attackers to execute arbitrary code or cause a denial of
service (application crash) via vectors related to removing container
elements.

CVE-2010-1397:

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac
OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4,
allows remote attackers to execute arbitrary code or cause a denial of
service (application crash) via vectors related to a layout change
during selection rendering and the DOCUMENT_POSITION_DISCONNECTED
attribute in a container of an unspecified type.

CVE-2010-1398:

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and
Windows, and before 4.1 on Mac OS X 10.4, does not properly perform
ordered list insertions, which allows remote attackers to execute
arbitrary code or cause a denial of service (memory corruption and
application crash) via a crafted HTML document, related to the insertion
of an unspecified element into an editable container and the access of
an uninitialized element.

CVE-2010-1412:

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac
OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4,
allows remote attackers to execute arbitrary code or cause a denial of
service (application crash) via vectors related to hover events.

CVE-2010-1770:

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and
Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome
before 5.0.375.70 does not properly handle a transformation of a text
node that has the IBM1147 character set, which allows remote attackers
to execute arbitrary code or cause a denial of service (memory
corruption and application crash) via a crafted HTML document containing
a BR element, related to a type checking issue.

CVE-2010-1774:

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and
Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory
during processing of HTML tables, which allows remote attackers to
execute arbitrary code or cause a denial of service (application crash)
via a crafted HTML document.

Affected packages:

  Pardus 2009:
    qt, all before 4.6.3-78-23


Resolution
=========
There are update(s) for qt. You can update them via Package Manager  or
with a single command from console:

    pisi up qt
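
An added example (not part of the Pardus advisory) for checking whether an installed qt package on Pardus 2009 still predates the fixed build 4.6.3-78-23 named above: the installed version string is assumed to have already been read from the package manager (the advisory gives no query for it) and is passed in as an argument, and Pardus versions are assumed to have the numeric form VERSION-RELEASE-BUILD.

```shell
#!/bin/sh
# Added example, not part of the Pardus advisory: tell whether an installed
# Pardus 2009 qt package predates the fixed build 4.6.3-78-23. The installed
# version string is assumed to have been read from the package manager
# already (the page gives no query for it), so it is passed in as an argument.
# Pardus package versions are assumed to be VERSION-RELEASE-BUILD, all numeric.

FIXED_QT_VERSION="4.6.3-78-23"

# Three-way numeric comparison of two version strings, field by field.
# Fields are split on '.' and '-'; a missing trailing field counts as 0.
# Prints -1, 0 or 1 (plain string comparison would wrongly rank 78 below 9).
version_cmp() {
    lhs=$(printf '%s' "$1" | sed 's/[.-]/ /g')
    rhs=$(printf '%s' "$2" | sed 's/[.-]/ /g')
    set -- $lhs                      # left-hand fields become $1, $2, ...
    for r in $rhs; do
        l=${1:-0}
        if [ $# -gt 0 ]; then shift; fi
        if [ "$l" -lt "$r" ]; then printf '%s\n' -1; return; fi
        if [ "$l" -gt "$r" ]; then printf '%s\n' 1; return; fi
    done
    for l in "$@"; do                # left-hand fields with no counterpart
        if [ "$l" -gt 0 ]; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# True (exit 0) when the given installed version is still vulnerable.
qt_is_vulnerable() {
    [ "$(version_cmp "$1" "$FIXED_QT_VERSION")" -lt 0 ]
}

# Human-readable verdict plus the remediation command from the advisory.
check_qt() {
    if qt_is_vulnerable "$1"; then
        echo "qt $1 is older than $FIXED_QT_VERSION: update with 'pisi up qt'"
    else
        echo "qt $1 already carries the fix for advisory 2010-106"
    fi
}

check_qt "4.6.3-78-22"   # constructed sample input, not read from a real system
```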

References
=========
  * http://bugs.pardus.org.tr/show_bug.cgi?id765
  * http://qt.nokia.com/developer/changes/changes-4.6.3

------------------------------------------------------------------------