CVE-2010-5076 — Vulnetix

Try Vulnetix Request Demo

CVE-2010-5076 PUBLISHED CVSS 4.300000190734863 MEDIUM

QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

EPSS 0.49% · 65.6th percentile

Risk Scores

CVSS v2.0

4.300000190734863

EPSS Score

0.49%

65.6th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
qt	qt	4.0.0, 4.0.1, 4.1.0
digia	qt	0

Timeline

Jun 29, 2012 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt url
USN-1504-1 vendor-advisory
49895 third-party-advisory
RHSA-2012:0880 vendor-advisory
41236 third-party-advisory
http://qt.gitorious.org/qt/qt/commit/846f1b44eea4bb34d080d055badb40a4a13d369e url
http://qt.gitorious.org/qt/qt/commit/5f6018564668d368f75e431c4cdac88d7421cff0 url
49604 third-party-advisory
https://bugreports.qt-project.org/browse/QTBUG-4455 url
https://nvd.nist.gov/vuln/detail/CVE-2010-5076 advisory

Open in Interactive Console →