CVE-2009-2700

Priority
Description
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not
properly handle a '\0' character in a domain name in the Subject
Alternative Name field of an X.509 certificate, which allows
man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted
certificate issued by a legitimate Certification Authority, a related issue
to CVE-2009-2408.
Assigned-to
jdstrand
Notes
Package
Upstream:needs-triage
More Information

Updated: 2020-03-18 22:00:35 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)