Fedora 10 : qt-4.5.2-2.fc10 (2009-8802)

High Nessus Plugin ID 40681


The remote Fedora host is missing a security update.


Qt's WebKit code did not properly handle numeric character references, which could allow remote attackers to cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Also included is: * a fix for lib symlinks changing erroneously on upgrades * a fix for Copy and paste issues * added support for more x keycodes

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Update the affected qt package.

See Also



Plugin Details

Severity: High

ID: 40681

File Name: fedora_2009-8802.nasl

Version: 1.12

Type: local

Agent: unix

Published: 2009/08/24

Updated: 2019/08/02

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:qt, cpe:/o:fedoraproject:fedora:10

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2009/08/20

Reference Information

CVE: CVE-2009-1725

FEDORA: 2009-8802

CWE: 189