Oval Definition:oval:org.mitre.oval:def:13946
Revision Date:2014-06-30Version:20
Title:USN-857-1 -- qt4-x11 vulnerabilities
Description:It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. Several flaws were discovered in the QtWebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that QtWebKit did not properly handle certain XSL stylesheets. If a user were tricked into viewing a malicious website, an attacker could exploit this to read arbitrary local files, and possibly files from different security zones. It was discovered that QtWebKit did not prevent the loading of local Java applets. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0945
CVE-2009-1687
CVE-2009-1690
CVE-2009-1698
CVE-2009-1699
CVE-2009-1711
CVE-2009-1712
CVE-2009-1713
CVE-2009-1725
USN-857-1
USN-857-1
Platform(s):Ubuntu 8.10
Ubuntu 9.04
Product(s):qt4-x11
Definition Synopsis
  • Release section
  • Ubuntu 8.10 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • qt4-doc DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR qt4-doc-html DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • libqtgui4 DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-core DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-designer DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-webkit DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-sql-sqlite2 DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-svg DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR qt4-qtconfig DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR qt4-designer DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR qt4-demos DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-gui DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-xmlpatterns DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-dbus DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-sql-odbc DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-script DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-xml DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-network DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-sql-sqlite DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-assistant DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-dev DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-xmlpatterns-dbg DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-qt3support DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-sql-mysql DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-test DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-opengl-dev DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-webkit-dbg DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-opengl DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-sql DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-help DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-dbg DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqtcore4 DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR qt4-dev-tools DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR libqt4-sql-psql DPKG is earlier than 4.4.3-0ubuntu1.4
  • OR Release section
  • Ubuntu 9.04 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • qt4-doc DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR qt4-doc-html DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • libqtgui4 DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-core DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-designer DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR qt4-demos-dbg DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-webkit DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-sql-sqlite2 DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-svg DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR qt4-dev-tools-dbg DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR qt4-qtconfig DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR qt4-designer DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR qt4-demos DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-gui DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-xmlpatterns DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-dbus DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-sql-odbc DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-script DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-xml DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-network DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-sql-sqlite DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-assistant DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-dev DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR qt4-qmake DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-xmlpatterns-dbg DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-qt3support DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-sql-mysql DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-test DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-opengl-dev DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-webkit-dbg DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-opengl DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-sql DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-help DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-dev-dbg DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-dbg DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqtcore4 DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-scripttools DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR qt4-dev-tools DPKG is earlier than 4.5.0-0ubuntu4.3
  • OR libqt4-sql-psql DPKG is earlier than 4.5.0-0ubuntu4.3
    • BACK