English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.67701
Category:Fedora Local Security Checks
Title:Fedora Core 12 FEDORA-2010-11020 (qt)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to qt
announced via advisory FEDORA-2010-11020.

Update Information:

This is an update to the latest stable bugfix qt release, including several
security fixes related to qtwebkit. For details, see also:
http://qt.nokia.com/about/news/nokia-releases-qt-4.6.3
http://qt.nokia.com/developer/changes/changes-4.6.3

References:

[ 1 ] Bug #525791 - CVE-2009-2841 WebKit, qt: Unallowed sub-resources loading in the media element handling code
https://bugzilla.redhat.com/show_bug.cgi?id=525791
[ 2 ] Bug #596494 - CVE-2010-1766 WebKit: off-by-one memory corruption flaw WebSocketHandshake::readServerHandshake()
https://bugzilla.redhat.com/show_bug.cgi?id=596494
[ 3 ] Bug #596498 - CVE-2010-1772 WebKit: use-after-free vulnerability in handling of geolocation events
https://bugzilla.redhat.com/show_bug.cgi?id=596498
[ 4 ] Bug #596500 - CVE-2010-1773 WebKit: off-by-one memory read out of bounds vulnerability in handling of HTML lists
https://bugzilla.redhat.com/show_bug.cgi?id=596500

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update qt' at the command line.
For more information, refer to Managing Software with yum,
available at http://docs.fedoraproject.org/yum/.

http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2010-11020

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-1119
http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html
http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html
http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
BugTraq ID: 40620
http://www.securityfocus.com/bid/40620
http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010
http://news.cnet.com/8301-27080_3-20001126-245.html
http://twitter.com/thezdi/statuses/11001080021
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7037
http://securitytracker.com/id?1024067
http://secunia.com/advisories/40105
http://secunia.com/advisories/40196
http://securityreason.com/securityalert/8128
http://www.vupen.com/english/advisories/2010/1373
http://www.vupen.com/english/advisories/2010/1512
Common Vulnerability Exposure (CVE) ID: CVE-2010-1400
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=870
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7031
http://secunia.com/advisories/41856
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
http://www.vupen.com/english/advisories/2011/0212
http://www.vupen.com/english/advisories/2011/0552
Common Vulnerability Exposure (CVE) ID: CVE-2010-1778
http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html
BugTraq ID: 42020
http://www.securityfocus.com/bid/42020
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11639
Common Vulnerability Exposure (CVE) ID: CVE-2010-1303
http://www.osvdb.org/63425
http://secunia.com/advisories/39220
XForce ISS Database: taxonomy-names-xss(57445)
https://exchange.xforce.ibmcloud.com/vulnerabilities/57445
Common Vulnerability Exposure (CVE) ID: CVE-2010-1392
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
Bugtraq: 20100608 VUPEN Security Research - Apple Safari WebKit HTML Button Use-after-free Vulnerability (CVE-2010-1392) (Google Search)
http://www.securityfocus.com/archive/1/511700/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7024
http://secunia.com/advisories/42314
Common Vulnerability Exposure (CVE) ID: CVE-2010-1396
BugTraq ID: 40647
http://www.securityfocus.com/bid/40647
http://www.zerodayinitiative.com/advisories/ZDI-10-092
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7288
Common Vulnerability Exposure (CVE) ID: CVE-2010-1397
Bugtraq: 20100608 ZDI-10-095: Apple Webkit DOCUMENT_POSITION_DISCONNECTED Attribute Remote Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/511721/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-10-095
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6912
Common Vulnerability Exposure (CVE) ID: CVE-2010-1398
Bugtraq: 20100608 ZDI-10-097: Apple Webkit ContentEditable moveParagraphs Uninitialized Element Remote Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/511719/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-10-097
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7556
Common Vulnerability Exposure (CVE) ID: CVE-2010-1412
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7606
Common Vulnerability Exposure (CVE) ID: CVE-2010-1770
http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html
http://zerodayinitiative.com/advisories/ZDI-10-093/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7099
http://secunia.com/advisories/40072
Common Vulnerability Exposure (CVE) ID: CVE-2010-1773
BugTraq ID: 41575
http://www.securityfocus.com/bid/41575
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11830
http://secunia.com/advisories/40557
http://www.vupen.com/english/advisories/2010/1801
Common Vulnerability Exposure (CVE) ID: CVE-2010-1774
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7476
XForce ISS Database: safari-webkit-htmltables-ce(59218)
https://exchange.xforce.ibmcloud.com/vulnerabilities/59218
Common Vulnerability Exposure (CVE) ID: CVE-2010-0047
http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html
BugTraq ID: 38671
http://www.securityfocus.com/bid/38671
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6882
http://www.securitytracker.com/id?1023708
Common Vulnerability Exposure (CVE) ID: CVE-2010-0648
http://code.google.com/p/chromium/issues/detail?id=32309
http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12665
Common Vulnerability Exposure (CVE) ID: CVE-2010-0656
BugTraq ID: 38372
http://www.securityfocus.com/bid/38372
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14501
http://securitytracker.com/id?1023506
Common Vulnerability Exposure (CVE) ID: CVE-2010-0046
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7053
Common Vulnerability Exposure (CVE) ID: CVE-2010-0049
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=863
http://osvdb.org/62942
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6810
Common Vulnerability Exposure (CVE) ID: CVE-2010-0050
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7587
XForce ISS Database: safari-nested-html-code-exec(56836)
https://exchange.xforce.ibmcloud.com/vulnerabilities/56836
Common Vulnerability Exposure (CVE) ID: CVE-2010-0051
http://code.google.com/p/chromium/issues/detail?id=9877
http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html
http://websec.sv.cmu.edu/css/css.pdf
http://osvdb.org/62944
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7554
XForce ISS Database: safari-stylesheet-info-disclosure(56837)
https://exchange.xforce.ibmcloud.com/vulnerabilities/56837
Common Vulnerability Exposure (CVE) ID: CVE-2010-0052
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7403
Common Vulnerability Exposure (CVE) ID: CVE-2010-0054
http://osvdb.org/62949
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6915
Common Vulnerability Exposure (CVE) ID: CVE-2009-2841
http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html
http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html
BugTraq ID: 36996
http://www.securityfocus.com/bid/36996
http://threatpost.com/en_us/blogs/apple-patches-critical-safari-vulnerabilities-111109
http://osvdb.org/59941
http://www.securitytracker.com/id?1023167
http://secunia.com/advisories/37346
http://www.vupen.com/english/advisories/2009/3217
XForce ISS Database: safari-5media-security-bypass(54242)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54242
Common Vulnerability Exposure (CVE) ID: CVE-2010-1766
Common Vulnerability Exposure (CVE) ID: CVE-2010-1772
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11661
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.