Candidate: CVE-2011-3366
PublicDate: 2011-11-29 17:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3366
 http://www.kde.org/info/security/advisory-20111003-1.txt
Description:
 Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
Ubuntu-Description:
Notes:
 jdstrand> Ubuntu 11.04 and earlier uses KSslInfoDialog from kdelibs
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/rekonq/+bug/857437
Priority: medium
Discovered-by:
Assigned-to: jdstrand
CVSS:

Patches_rekonq:
 upstream: 85f454faabef5453c08eb5493d0afc63e23f650b
 upstream: 526ce56f7e6ae3c8a2aa1c96f4e87af9eaa305e1
 upstream: d1711fffc795d925d89980f56cd02b767e871c59
upstream_rekonq: needs-triage
hardy_rekonq: DNE
lucid_rekonq: not-affected (code-not-present)
maverick_rekonq: not-affected (code-not-present)
natty_rekonq: not-affected (code-not-present)
oneiric_rekonq: not-affected (0.7.90-0ubuntu1)
devel_rekonq: not-affected