Richard Moore and Simon Ward reported flaw in the way Qt software toolkit handled wildcard characters in the Common Name field of a x509v3 digital certificate. If an attacker is able to get a carefully-crafted certificate, signed by a Certificate Authority trusted by Konqueror / Arora web browsers, the attacker could use the certificate during the man-in-the-middle attack and potentially confuse Konqueror / Arora into accepting it by mistake. Different vulnerability than CVE-2009-2408. References: [1] http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt [2] http://bugs.gentoo.org/show_bug.cgi?id=335730
Upstream commit addressing this issue: http://qt.gitorious.org/qt/qt/commit/846f1b44eea4bb34d080d055badb40a4a13d369e KDE code re-implements name checking code in KIO::TCPSlaveBase, following KDE commit changes that code to address wp-10-0001 as well as the issue with * wilcard matching more than one host name label (see QTBUG-4455 or bug #520435, comment #2): http://websvn.kde.org/?view=revision&revision=1173851 (trunk) http://websvn.kde.org/?view=revision&revision=1173904 (4.4)
(In reply to comment #17) > Upstream commit addressing this issue: > http://qt.gitorious.org/qt/qt/commit/846f1b44eea4bb34d080d055badb40a4a13d369e This patch has to be applied after: http://qt.gitorious.org/qt/qt/commit/5f6018564668d368f75e431c4cdac88d7421cff0 which is a fix for: http://bugreports.qt.nokia.com/browse/QTBUG-4455 (see bug #520435, comment #2)
This issue has been assigned CVE-2010-5076
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:0880 https://rhn.redhat.com/errata/RHSA-2012-0880.html