Wind River Support Network

HomeDefectsLIN5-14082
Fixed

LIN5-14082 : Security Advisory - qt - CVE-2012-6093

Created: Mar 3, 2013    Updated: Dec 19, 2017
Resolved Date: Jul 20, 2014
Previous ID: LIN3-13082
Found In Version: 5.0
Fix Version: 5.0.1.17
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an incompatible structure layout that can read memory from the wrong location, which causes Qt to report an incorrect error when certificate validation fails and might cause users to make unsafe security decisions to accept a certificate.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6093

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads


Live chat
Online