What is the severity of CVE-2010-2621?

CVE-2010-2621 is classified as a denial of service vulnerability that can lead to an infinite loop.

How do I fix CVE-2010-2621?

To address CVE-2010-2621, upgrade to a version of Qt later than 4.6.3 where the vulnerability has been resolved.

What versions of Qt are affected by CVE-2010-2621?

CVE-2010-2621 affects Qt versions 4.6.3 and earlier, including all versions from 4.0.0 to 4.6.2.

Can CVE-2010-2621 be exploited remotely?

Yes, CVE-2010-2621 can be exploited by remote attackers through a malformed request, leading to a denial of service.

What impact does CVE-2010-2621 have on applications using Qt?

Applications using affected versions of Qt may experience service interruption due to the infinite loop triggered by the vulnerability.

Vulnerability/
CVE-2010-2621

medium

CWE

2/7/2010

7/8/2024

CVE-2010-2621: Input Validation

First published: Fri Jul 02 2010(Updated: )

The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Qt	<=4.6.3
Trolltech Qt	=4.0.0
Trolltech Qt	=4.0.1
Trolltech Qt	=4.1.0
Trolltech Qt	=4.1.1
Trolltech Qt	=4.1.2
Trolltech Qt	=4.1.3
Trolltech Qt	=4.1.4
Trolltech Qt	=4.1.5
Trolltech Qt	=4.2.0
Trolltech Qt	=4.2.1
Trolltech Qt	=4.2.3
Trolltech Qt	=4.3.0
Trolltech Qt	=4.3.1
Trolltech Qt	=4.3.2
Trolltech Qt	=4.3.3
Trolltech Qt	=4.3.4
Trolltech Qt	=4.3.5
Trolltech Qt	=4.4.0
Trolltech Qt	=4.4.1
Trolltech Qt	=4.4.2
Trolltech Qt	=4.4.3
Trolltech Qt	=4.5.0
Trolltech Qt	=4.5.1
Trolltech Qt	=4.5.2
Trolltech Qt	=4.5.3
Trolltech Qt	=4.6.0
Trolltech Qt	=4.6.0-rc1
Trolltech Qt	=4.6.1
Trolltech Qt	=4.6.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-2621?
CVE-2010-2621 is classified as a denial of service vulnerability that can lead to an infinite loop.
How do I fix CVE-2010-2621?
To address CVE-2010-2621, upgrade to a version of Qt later than 4.6.3 where the vulnerability has been resolved.
What versions of Qt are affected by CVE-2010-2621?
CVE-2010-2621 affects Qt versions 4.6.3 and earlier, including all versions from 4.0.0 to 4.6.2.
Can CVE-2010-2621 be exploited remotely?
Yes, CVE-2010-2621 can be exploited by remote attackers through a malformed request, leading to a denial of service.
What impact does CVE-2010-2621 have on applications using Qt?
Applications using affected versions of Qt may experience service interruption due to the infinite loop triggered by the vulnerability.

agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/last-modified-date
agent/severity
agent/references
agent/first-publish-date
agent/event
agent/description
agent/source
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
agent/softwarecombine
agent/tags
vendor/digia
canonical/qt
version/qt/4.6.3
vendor/qt
canonical/trolltech qt
version/trolltech qt/4.0.0
version/trolltech qt/4.0.1
version/trolltech qt/4.1.0
version/trolltech qt/4.1.1
version/trolltech qt/4.1.2
version/trolltech qt/4.1.3
version/trolltech qt/4.1.4
version/trolltech qt/4.1.5
version/trolltech qt/4.2.0
version/trolltech qt/4.2.1
version/trolltech qt/4.2.3
version/trolltech qt/4.3.0
version/trolltech qt/4.3.1
version/trolltech qt/4.3.2
version/trolltech qt/4.3.3
version/trolltech qt/4.3.4
version/trolltech qt/4.3.5
version/trolltech qt/4.4.0
version/trolltech qt/4.4.1
version/trolltech qt/4.4.2
version/trolltech qt/4.4.3
version/trolltech qt/4.5.0
version/trolltech qt/4.5.1
version/trolltech qt/4.5.2
version/trolltech qt/4.5.3
version/trolltech qt/4.6.0
version/trolltech qt/4.6.0-rc1
version/trolltech qt/4.6.1
version/trolltech qt/4.6.2