{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-06-29T00:00:00", "descriptions": [{"lang": "en", "value": "The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-06-19T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "46410", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/46410"}, {"name": "ADV-2010-1657", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1657"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.org/poc/qtsslame.zip"}, {"name": "41250", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/41250"}, {"name": "65860", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/65860"}, {"name": "40389", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40389"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597"}, {"name": "SUSE-SU-2011:1113", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "https://hermes.opensuse.org/messages/12056605"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.org/adv/qtsslame-adv.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2621", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "46410", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/46410"}, {"name": "ADV-2010-1657", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1657"}, {"name": "http://aluigi.org/poc/qtsslame.zip", "refsource": "MISC", "url": "http://aluigi.org/poc/qtsslame.zip"}, {"name": "41250", "refsource": "BID", "url": "http://www.securityfocus.com/bid/41250"}, {"name": "65860", "refsource": "OSVDB", "url": "http://osvdb.org/65860"}, {"name": "40389", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40389"}, {"name": "http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597", "refsource": "CONFIRM", "url": "http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597"}, {"name": "SUSE-SU-2011:1113", "refsource": "SUSE", "url": "https://hermes.opensuse.org/messages/12056605"}, {"name": "http://aluigi.org/adv/qtsslame-adv.txt", "refsource": "MISC", "url": "http://aluigi.org/adv/qtsslame-adv.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:39:37.809Z"}, "title": "CVE Program Container", "references": [{"name": "46410", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/46410"}, {"name": "ADV-2010-1657", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1657"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.org/poc/qtsslame.zip"}, {"name": "41250", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/41250"}, {"name": "65860", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/65860"}, {"name": "40389", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40389"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597"}, {"name": "SUSE-SU-2011:1113", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "https://hermes.opensuse.org/messages/12056605"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.org/adv/qtsslame-adv.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2621", "datePublished": "2010-07-02T20:00:00", "dateReserved": "2010-07-02T00:00:00", "dateUpdated": "2024-08-07T02:39:37.809Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:digia:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9AE2922-1C8A-453D-BC5F-5F158DEB8607", "versionEndIncluding": "4.6.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C966DAAB-74E1-4594-9CE7-5A1A60F5061E", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D51BFA7D-281E-49ED-9A4B-60AD5143C4EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A38B91E-698F-4638-BC3B-BD02F3313B70", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7629BAB0-5077-4B82-9F11-B228E8EAFA17", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "76366D45-3604-49D1-BD97-8A9FACEA2171", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "EEEF60A1-5FF0-465F-A872-62F80899F870", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "4D5386EE-376B-4773-8687-5314BFF35E41", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4ACE447E-BFBC-4059-9786-F8E5F512AEAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC6465-B459-410E-A5C5-EBFF5C866009", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EF48233D-EFFE-40A1-B50A-F2184D9CF325", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "610017B4-3C0A-4A59-82A1-4E20BCF786E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D848BD49-3C88-4458-B8AB-AAD8DEB790BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A12D978-B6FF-4C67-97D4-91A285C47813", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "7DBD073E-F3E0-4273-81E9-AF010B711F08", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "0D58ACBA-7DF3-403A-AC0E-94749383C750", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "59D6E752-3B2E-4A95-A76A-3326CD490EDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "7A27E4EC-9573-4C82-9B78-244DB0B06FA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "678A25E8-57E3-4E0C-9B24-C68F11F108BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D16BB8CE-3871-4DFA-84BB-C089894437D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "965B37FD-E22F-4AA7-BDC2-147A9962CFD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FEE12FD7-2FB2-444A-A660-86294646F8A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "EA4B9F55-4BFF-4FD3-A8BC-842B0467DCD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "9DA805A7-7C62-49FD-B9A2-F81C981691C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D5596442-5608-439B-8BE6-53A70F20C079", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "29FD745E-4B61-417F-BC66-386877E75351", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2B74E5F5-CEE1-47B1-BE84-7F1C45D4FDD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.6.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "82A767D8-6194-4ED5-B9BE-2A14541C141F", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "874E217C-98AC-4F0B-B120-D721164912CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:4.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "3051F46B-E301-4DF7-A89B-4E8495617888", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request."}, {"lang": "es", "value": "La funci\u00f3n QSslSocketBackendPrivate::transmit en src_network_ssl_qsslsocket_openssl.cpp en Qt v4.6.3 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de una solicitud mal formada."}], "id": "CVE-2010-2621", "lastModified": "2024-11-21T01:17:01.280", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-07-02T20:30:01.707", "references": [{"source": "cve@mitre.org", "url": "http://aluigi.org/adv/qtsslame-adv.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://aluigi.org/poc/qtsslame.zip"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/65860"}, {"source": "cve@mitre.org", "url": "http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40389"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/46410"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/41250"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1657"}, {"source": "cve@mitre.org", "url": "https://hermes.opensuse.org/messages/12056605"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://aluigi.org/adv/qtsslame-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://aluigi.org/poc/qtsslame.zip"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/65860"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40389"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/46410"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/41250"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1657"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://hermes.opensuse.org/messages/12056605"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "(QSslSocketBackendPrivate): DoS (infinite loop) via malformed request", "id": "611086", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=611086"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "draft"}, "cwe": "CWE-835", "details": ["The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request."], "name": "CVE-2010-2621", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "qt", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2010-06-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2010-2621\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-2621"], "statement": "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Low"}